CVE-2022-1920

EPSS 0.5%CWE-122

Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.

Affected products

n/a · GStreamer

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204