Errata ID | 296 |
---|---|
Date | 2018-02-14 |
Source package | gst-plugins-bad1.0 |
Fixed in version | 1.4.4-2.1+deb8u2 |
Description | This update addresses the following issues:<br>* The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. (CVE-2017-5848)<br>* Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf. (CVE-2017-5843)<br>* The _parse_pat function in the mpegts parser allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. (CVE-2016-9813)<br>* The gst_mpegts_section_new function in the mpegts decoder allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section. (CVE-2016-9812)<br>* Off-by-one error in the gst_h264_parse_set_caps function allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. (CVE-2016-9809) |
Additional notes | |
CVE ID | CVE-2016-9812, CVE-2016-9813, CVE-2016-9809, CVE-2017-5843, CVE-2017-5848 |
UCS Bug number | #46122 |