UBUNTU-CVE-2026-12893

Source
https://ubuntu.com/security/CVE-2026-12893
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-12893
Upstream
  • CVE-2026-12893
Published
2026-07-06T00:00:00Z
Modified
2026-07-06T20:30:23.427763367Z
Severity
  • Ubuntu - medium
Summary
[none]
Details

[gstreamer1-libav: gstreamer1-libav: NULL pointer dereference in gstavdemux.c error handler]

References

Affected packages

Ubuntu:16.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.6.0-1
1.6.0-2
1.6.1-1
1.6.2-1
1.7.1-1
1.7.2-1
1.7.90-1
1.8.0-1
1.8.1-1~ubuntu1
1.8.2-1~ubuntu1
1.8.3-1ubuntu0.1
1.8.3-1ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.8.3-1ubuntu0.2",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:18.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.12.2-1
1.12.3-1
1.12.4-1
1.13.91-1
1.14.0-1
1.14.1-1~ubuntu18.04.1
1.14.4-0ubuntu1~ubuntu18.04.1
1.14.5-0ubuntu1~18.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.14.5-0ubuntu1~18.04.1",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:20.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.16.1-1
1.16.2-1
1.16.2-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.16.2-2",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:22.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.18.5-1
1.20.0-1
1.20.1-1
1.20.3-0ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.20.3-0ubuntu1",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:24.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.22.5-1
1.22.6-1
1.22.7-1
1.22.8-1
1.22.10-1
1.24.1-1
1.24.1-1build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.24.1-1build1",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:25.10
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.26.0-1
1.26.1-1
1.26.2-1
1.26.3-1
1.26.4-1
1.26.5-1
1.26.6-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.26.6-1",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"
Ubuntu:26.04:LTS
gst-libav1.0

Package

Name
gst-libav1.0
Purl
pkg:deb/ubuntu/gst-libav1.0?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.26.6-1
1.27.2-1
1.27.2-1build1
1.27.90-1
1.28.0-1
1.28.1-1
1.28.2-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1.28.2-1",
            "binary_name": "gstreamer1.0-libav"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-12893.json"