MGASA-2021-0079

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2021-0079.html
Import Source
https://advisories.mageia.org/MGASA-2021-0079.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2021-0079
Related
Published
2021-02-10T18:41:52Z
Modified
2021-02-10T17:30:56Z
Summary
Updated gstreamer1.0-plugins-bad packages fix security vulnerability
Details

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. (CVE-2021-3185).

References
Credits

Affected packages

Mageia:7 / gstreamer1.0-plugins-bad

Package

Name
gstreamer1.0-plugins-bad
Purl
pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.16.0-1.1.mga7

Ecosystem specific 

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2021-0079.json"

Mageia:7 / gstreamer1.0-plugins-bad

Package

Name
gstreamer1.0-plugins-bad
Purl
pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.16.0-1.1.mga7.tainted

Ecosystem specific 

{
    "section": "tainted"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2021-0079.json"