{"id":"MGASA-2021-0079","summary":"Updated gstreamer1.0-plugins-bad packages fix security vulnerability","details":"A flaw was found in the gstreamer h264 component of gst-plugins-bad before\nv1.18.1 where when parsing a h264 header, an attacker could cause the stack to\nbe smashed, memory corruption and possibly code execution. (CVE-2021-3185).\n","modified":"2026-04-16T00:09:32.531955968Z","published":"2021-02-10T18:41:52Z","upstream":["CVE-2021-3185"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0079.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28174"},{"type":"WEB","url":"https://www.debian.org/security/2021/dsa-4833"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1917192"},{"type":"WEB","url":"https://seclists.org/oss-sec/2021/q1/59"}],"affected":[{"package":{"name":"gstreamer1.0-plugins-bad","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.0-1.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0079.json"}},{"package":{"name":"gstreamer1.0-plugins-bad","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.0-1.1.mga7.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0079.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}