CVE-2023-37329: GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
First published: Mon Jul 31 2023(Updated: )
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of SRT subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20968.
Credit: zdi-disclosures@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ubuntu/gst-plugins-bad1.0 | <1.16.3-0ubuntu1.1 | 1.16.3-0ubuntu1.1 |
| ubuntu/gst-plugins-bad1.0 | <1.20.3-0ubuntu1.1 | 1.20.3-0ubuntu1.1 |
| ubuntu/gst-plugins-bad1.0 | <1.22.1-1ubuntu1.1 | 1.22.1-1ubuntu1.1 |
| ubuntu/gst-plugins-bad1.0 | <1.22.4-1 | 1.22.4-1 |
| debian/gst-plugins-bad1.0 | <=1.14.4-1+deb10u2 | 1.14.4-1+deb10u5 1.18.4-3+deb11u4 1.22.0-4+deb12u5 1.22.10-1 1.24.2-3 |
| GStreamer | <1.20.7 | |
| GStreamer | >=1.22.0<1.22.4 | |
| GStreamer |
Remedy
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/60226124ec367c2549e4bf1e6174dfb8eca5a63d
Remedy
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/5f3cf0a7d7ae7ab883d0611e85c06354f1e94907
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://gstreamer.freedesktop.org/security/sa-2023-0003.html
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/4896.patch
- https://ubuntu.com/security/notices/USN-6526-1
- https://www.cve.org/CVERecord?id=CVE-2023-37329
- https://nvd.nist.gov/vuln/detail/CVE-2023-37329
- https://launchpad.net/bugs/cve/CVE-2023-37329
- https://security-tracker.debian.org/tracker/CVE-2023-37329
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/60226124ec367c2549e4bf1e6174dfb8eca5a63d
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/5f3cf0a7d7ae7ab883d0611e85c06354f1e94907
- https://ubuntu.com/security/CVE-2023-37329
- https://www.zerodayinitiative.com/advisories/ZDI-23-902/
- https://gstreamer.freedesktop.org/security/sa-2023-0002.html
Frequently Asked Questions
What is CVE-2023-37329?
CVE-2023-37329 is a vulnerability that allows a heap overwrite in the PGS subtitle overlay decoder.
What software is affected by CVE-2023-37329?
The gst-plugins-bad1.0 package is affected by CVE-2023-37329.
How severe is CVE-2023-37329?
The severity of CVE-2023-37329 has not been provided.
How can I fix the CVE-2023-37329 vulnerability on Ubuntu?
To fix the CVE-2023-37329 vulnerability on Ubuntu, update the gst-plugins-bad1.0 package to version 1.22.4-1 or later.
How can I fix the CVE-2023-37329 vulnerability on Debian?
To fix the CVE-2023-37329 vulnerability on Debian, update the gst-plugins-bad1.0 package to version 1.14.4-1+deb10u5 or later.
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- collector/security-tracker-debian
- source/Debian
- agent/references
- agent/title
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/trending
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-23-902
- alias/ZDI-CAN-20968
- alias/CVE-2023-37329
- agent/softwarecombine
- package-manager/ubuntu
- package-manager/debian
- vendor/gstreamer project
- canonical/gstreamer
- version/gstreamer/1.22.0
- vendor/gstreamer