What is the severity of CVE-2017-5848?

The severity of CVE-2017-5848 is classified as high due to potential buffer overflows and invalid memory access.

How do I fix CVE-2017-5848?

To fix CVE-2017-5848, you should update GStreamer to version 1.11.3 or later where the vulnerability has been patched.

Which software versions are affected by CVE-2017-5848?

CVE-2017-5848 affects GStreamer versions prior to 1.11.3, Debian 8.0 and 9.0, and Red Hat Enterprise Linux versions 7.0, 7.4, 7.5, 7.6, and 7.7.

What are the risks associated with CVE-2017-5848?

The risks associated with CVE-2017-5848 include possible exploitation that may lead to remote code execution or application crashes.

Is CVE-2017-5848 being actively exploited in the wild?

As of now, there are no specific reports confirming active exploitation of CVE-2017-5848 in the wild.

Vulnerability/
CVE-2017-5848

high

7.5

CWE

119 125

6/2/2017

9/2/2017

20/11/2020

CVE-2017-5848: Buffer Overflow

First published: Mon Feb 06 2017(Updated: )

Invalid memory read and possible buffer overflows were found in PSM parser. Upstream bug: <a href="https://bugzilla.gnome.org/show_bug.cgi?id=777957">https://bugzilla.gnome.org/show_bug.cgi?id=777957</a> Upstream patch: <a href="https://github.com/GStreamer/gst-plugins-bad/commit/948b87bf1514de">https://github.com/GStreamer/gst-plugins-bad/commit/948b87bf1514de</a> CVE assignment: <a href="http://seclists.org/oss-sec/2017/q1/284">http://seclists.org/oss-sec/2017/q1/284</a>

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GStreamer	<1.11.2
Debian GNU/Linux	=8.0
Debian GNU/Linux	=9.0
redhat enterprise Linux desktop	=7.0
redhat enterprise Linux eus	=7.4
redhat enterprise Linux eus	=7.5
redhat enterprise Linux eus	=7.6
redhat enterprise Linux eus	=7.7
redhat enterprise Linux server	=7.0
redhat enterprise Linux server aus	=7.4
redhat enterprise Linux server aus	=7.6
redhat enterprise Linux server aus	=7.7
redhat enterprise Linux server tus	=7.6
redhat enterprise Linux server tus	=7.7
redhat enterprise Linux workstation	=7.0

Remedy

http://www.openwall.com/lists/oss-security/2017/02/02/9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5848?
The severity of CVE-2017-5848 is classified as high due to potential buffer overflows and invalid memory access.
How do I fix CVE-2017-5848?
To fix CVE-2017-5848, you should update GStreamer to version 1.11.3 or later where the vulnerability has been patched.
Which software versions are affected by CVE-2017-5848?
CVE-2017-5848 affects GStreamer versions prior to 1.11.3, Debian 8.0 and 9.0, and Red Hat Enterprise Linux versions 7.0, 7.4, 7.5, 7.6, and 7.7.
What are the risks associated with CVE-2017-5848?
The risks associated with CVE-2017-5848 include possible exploitation that may lead to remote code execution or application crashes.
Is CVE-2017-5848 being actively exploited in the wild?
As of now, there are no specific reports confirming active exploitation of CVE-2017-5848 in the wild.

agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2017-5848
agent/references
agent/author
agent/description
agent/remedy
agent/severity
agent/weakness
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gstreamer project
canonical/gstreamer
vendor/debian
canonical/debian gnu/linux
version/debian gnu/linux/8.0
version/debian gnu/linux/9.0
vendor/redhat
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux eus
version/redhat enterprise linux eus/7.4
version/redhat enterprise linux eus/7.5
version/redhat enterprise linux eus/7.6
version/redhat enterprise linux eus/7.7
canonical/redhat enterprise linux server
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/7.4
version/redhat enterprise linux server aus/7.6
version/redhat enterprise linux server aus/7.7
canonical/redhat enterprise linux server tus
version/redhat enterprise linux server tus/7.6
version/redhat enterprise linux server tus/7.7
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/7.0

Frequently Asked Questions

What is the severity of CVE-2017-5848?
The severity of CVE-2017-5848 is classified as high due to potential buffer overflows and invalid memory access.
How do I fix CVE-2017-5848?
To fix CVE-2017-5848, you should update GStreamer to version 1.11.3 or later where the vulnerability has been patched.
Which software versions are affected by CVE-2017-5848?
CVE-2017-5848 affects GStreamer versions prior to 1.11.3, Debian 8.0 and 9.0, and Red Hat Enterprise Linux versions 7.0, 7.4, 7.5, 7.6, and 7.7.
What are the risks associated with CVE-2017-5848?
The risks associated with CVE-2017-5848 include possible exploitation that may lead to remote code execution or application crashes.
Is CVE-2017-5848 being actively exploited in the wild?
As of now, there are no specific reports confirming active exploitation of CVE-2017-5848 in the wild.

CVE-2017-5848: Buffer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5848?

How do I fix CVE-2017-5848?

Which software versions are affected by CVE-2017-5848?

What are the risks associated with CVE-2017-5848?

Is CVE-2017-5848 being actively exploited in the wild?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-5848?

How do I fix CVE-2017-5848?

Which software versions are affected by CVE-2017-5848?

What are the risks associated with CVE-2017-5848?

Is CVE-2017-5848 being actively exploited in the wild?