CVE-2022-1925

Summary

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks.

Affected Software

VendorProductVersion RangeStatus
n/aGStreamer1.20.3affected

Weaknesses

  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

References