767187 – media-libs/gst-plugins-bad: Buffer overflow in h264 parser (CVE-2021-3185)

Bug 767187 - media-libs/gst-plugins-bad: Buffer overflow in h264 parser (CVE-2021-3185)

Summary: media-libs/gst-plugins-bad: Buffer overflow in h264 parser (CVE-2021-3185)

Status:	RESOLVED DUPLICATE of bug 766336

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-01-25 20:09 UTC by Sam James
Modified:	2021-01-25 20:10 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2021-01-25 20:09:31 UTC

Description:
"A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution."

Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1917192

Unclear if 16.x is affected, presumably it is.

Comment 1 Sam James archtester

2021-01-25 20:10:32 UTC


*** This bug has been marked as a duplicate of bug 766336 ***