{"id":"MGASA-2024-0119","summary":"Updated gstreamer1.0 packages fix vulnerability","details":"Heap-based buffer overflow in the AV1 codec parser when handling certain\nmalformed streams before GStreamer 1.22.9\nIt is possible for a malicious third party to trigger a crash in the\napplication, and possibly also effect code execution through heap\nmanipulation.\n","modified":"2026-04-16T00:12:35.276626396Z","published":"2024-04-10T04:03:52Z","upstream":["CVE-2024-0444"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0119.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33044"},{"type":"WEB","url":"https://gstreamer.freedesktop.org/security/sa-2024-0001.html"}],"affected":[{"package":{"name":"gstreamer1.0","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-devtools","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-devtools?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-editing-services","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-editing-services?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-libav","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-libav?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-moodbar","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-moodbar?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-omx","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-omx?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-bad","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-base","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-base?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-good","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-good?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-ugly","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-ugly?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-python","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-python?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-rtsp-server","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-rtsp-server?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-vaapi","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-vaapi?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-bad","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}},{"package":{"name":"gstreamer1.0-plugins-ugly","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gstreamer1.0-plugins-ugly?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.11-1.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0119.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}