CVE-2016-9634

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
gstreamergstreamer
𝑥
≤ 1.10.1
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_hpc_node
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
debiandebian_linux
8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gst-plugins-good1.0
bookworm
1.22.0-5+deb12u1
fixed
bookworm (security)
1.22.0-5+deb12u1
fixed
bullseye
1.18.4-2+deb11u2
fixed
bullseye (security)
1.18.4-2+deb11u2
fixed
sid
1.24.9-1
fixed
trixie
1.24.9-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gst-plugins-good0.10
precise
Fixed 0.10.31-1ubuntu1.3
released
trusty
Fixed 0.10.31-3+nmu1ubuntu5.1
released
xenial
Fixed 0.10.31-3+nmu4ubuntu2.16.04.1
released
yakkety
dne
zesty
dne
gst-plugins-good1.0
precise
dne
trusty
Fixed 1.2.4-1~ubuntu1.1
released
xenial
Fixed 1.8.2-1ubuntu0.2
released
yakkety
Fixed 1.8.3-1ubuntu1.1
released
zesty
Fixed 1.10.2-1ubuntu1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gstreamer-0_10-plugins-good
suse enterprise desktop 12 SP1
0.10.31-13.3.3
fixed
suse enterprise desktop 12 SP2
0.10.31-16.1
fixed
suse enterprise desktop 12 SP3
0.10.31-16.1
fixed
suse enterprise desktop 12 SP4
0.10.31-16.1
fixed
suse enterprise sap 12 SP1
0.10.31-13.3.3
fixed
suse enterprise sap 12 SP2
0.10.31-16.1
fixed
suse enterprise sap 12 SP3
0.10.31-16.1
fixed
suse enterprise sap 12 SP4
0.10.31-16.1
fixed
suse enterprise sap 12 SP5
0.10.31-16.1
fixed
suse enterprise server 12 SP1
0.10.31-13.3.3
fixed
suse enterprise server 12 SP2
0.10.31-16.1
fixed
suse enterprise server 12 SP3
0.10.31-16.1
fixed
suse enterprise server 12 SP4
0.10.31-16.1
fixed
suse enterprise server 12 SP5
0.10.31-16.1
fixed
suse enterprise workstation 12 SP1
0.10.31-13.3.3
fixed
suse enterprise workstation 12 SP2
0.10.31-16.1
fixed
suse enterprise workstation 12 SP3
0.10.31-16.1
fixed
suse enterprise workstation 12 SP4
0.10.31-16.1
fixed
suse enterprise workstation 12 SP5
0.10.31-16.1
fixed
gstreamer-0_10-plugins-good-lang
suse enterprise desktop 12 SP1
0.10.31-13.3.3
fixed
suse enterprise desktop 12 SP2
0.10.31-16.1
fixed
suse enterprise desktop 12 SP3
0.10.31-16.1
fixed
suse enterprise desktop 12 SP4
0.10.31-16.1
fixed
suse enterprise sap 12 SP1
0.10.31-13.3.3
fixed
suse enterprise sap 12 SP2
0.10.31-16.1
fixed
suse enterprise sap 12 SP3
0.10.31-16.1
fixed
suse enterprise sap 12 SP4
0.10.31-16.1
fixed
suse enterprise sap 12 SP5
0.10.31-16.1
fixed
suse enterprise server 12 SP1
0.10.31-13.3.3
fixed
suse enterprise server 12 SP2
0.10.31-16.1
fixed
suse enterprise server 12 SP3
0.10.31-16.1
fixed
suse enterprise server 12 SP4
0.10.31-16.1
fixed
suse enterprise server 12 SP5
0.10.31-16.1
fixed
suse enterprise workstation 12 SP1
0.10.31-13.3.3
fixed
suse enterprise workstation 12 SP2
0.10.31-16.1
fixed
suse enterprise workstation 12 SP3
0.10.31-16.1
fixed
suse enterprise workstation 12 SP4
0.10.31-16.1
fixed
suse enterprise workstation 12 SP5
0.10.31-16.1
fixed
gstreamer-plugins-good
suse enterprise sap 12 SP1
1.2.4-2.3.1
fixed
suse enterprise sap 12 SP2
1.8.3-9.1
fixed
suse enterprise sap 12 SP5
1.8.3-15.1
fixed
suse enterprise server 12 SP1
1.2.4-2.3.1
fixed
suse enterprise server 12 SP2
1.8.3-9.1
fixed
suse enterprise server 12 SP3
1.8.3-15.1
fixed
suse enterprise server 12 SP4
1.8.3-15.1
fixed
suse enterprise server 12 SP5
1.8.3-15.1
fixed
gstreamer-plugins-good-lang
suse enterprise sap 12 SP1
1.2.4-2.3.1
fixed
suse enterprise sap 12 SP2
1.8.3-9.1
fixed
suse enterprise sap 12 SP5
1.8.3-15.1
fixed
suse enterprise server 12 SP1
1.2.4-2.3.1
fixed
suse enterprise server 12 SP2
1.8.3-9.1
fixed
suse enterprise server 12 SP3
1.8.3-15.1
fixed
suse enterprise server 12 SP4
1.8.3-15.1
fixed
suse enterprise server 12 SP5
1.8.3-15.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
gstreamer-plugins-good
RHEL 6
0:0.10.23-4.el6_8
fixed
RHEL 7
0:0.10.31-12.el7_3
fixed
gstreamer-plugins-good-devel
RHEL 6
0:0.10.23-4.el6_8
fixed
gstreamer-plugins-good-devel-docs
RHEL 7
0:0.10.31-12.el7_3
fixed
gstreamer1-plugins-good
RHEL 7
0:1.4.5-3.el7_3
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2016-2975.html
http://rhn.redhat.com/errata/RHSA-2017-0019.html
http://rhn.redhat.com/errata/RHSA-2017-0020.html
http://www.debian.org/security/2016/dsa-3723
http://www.debian.org/security/2016/dsa-3724
http://www.openwall.com/lists/oss-security/2016/11/24/2
http://www.securityfocus.com/bid/94499
https://bugzilla.gnome.org/show_bug.cgi?id=774834
https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html
https://security.gentoo.org/glsa/201705-10
http://rhn.redhat.com/errata/RHSA-2016-2975.html
http://rhn.redhat.com/errata/RHSA-2017-0019.html
http://rhn.redhat.com/errata/RHSA-2017-0020.html
http://www.debian.org/security/2016/dsa-3723
http://www.debian.org/security/2016/dsa-3724
http://www.openwall.com/lists/oss-security/2016/11/24/2
http://www.securityfocus.com/bid/94499
https://bugzilla.gnome.org/show_bug.cgi?id=774834
https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html
https://security.gentoo.org/glsa/201705-10