CVE-2023-37329

EUVD-2023-41233

03.05.2024, 02:15

GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

The specific flaw exists within the parsing of SRT subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20968.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Affected Products (NVD)

Vendor	Product	Version
gstreamer	gstreamer	𝑥 < 1.20.7
gstreamer	gstreamer	1.22.0 ≤ 𝑥 < 1.22.4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

gst-plugins-bad1.0

bookworm	1.22.0-4+deb12u5 fixed
bookworm (security)	1.22.0-4+deb12u5 fixed
bullseye	1.18.4-3+deb11u4 fixed
bullseye (security)	1.18.4-3+deb11u4 fixed
sid	1.24.10-2 fixed
trixie	1.24.10-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

gst-plugins-bad0.10

bionic	ignored
focal	dne
jammy	dne
lunar	dne
mantic	dne
noble	dne
oracular	dne
trusty	ignored
xenial	ignored

gst-plugins-bad1.0

bionic	needed
focal	Fixed 1.16.3-0ubuntu1.1 released
jammy	Fixed 1.20.3-0ubuntu1.1 released
lunar	Fixed 1.22.1-1ubuntu1.1 released
mantic	not-affected
noble	not-affected
oracular	not-affected
trusty	ignored
xenial	needed

openSUSE / SLES Releases

openSUSE Product

Release

gstreamer-plugins-bad

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

gstreamer-plugins-bad-chromaprint

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed

gstreamer-plugins-bad-devel

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

gstreamer-plugins-bad-lang

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstadaptivedemux-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstanalytics-1_0-0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstbadallocators-1_0-0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

libgstbadaudio-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstbadbase-1_0-0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

libgstbadvideo-1_0-0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

libgstbasecamerabinsrc-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstcodecparsers-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstcodecs-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstcuda-1_0-0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstdxva-1_0-0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstgl-1_0-0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

libgstinsertbin-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstisoff-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstmpegts-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstmse-1_0-0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstphotography-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstplay-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstplayer-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstsctp-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgsttranscoder-1_0-0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgsturidownloader-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstva-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstvulkan-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstwayland-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstwebrtc-1_0-0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

libgstwebrtcnice-1_0-0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-CudaGst-1_0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstAnalytics-1_0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstBadAllocators-1_0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

typelib-1_0-GstBadAudio-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstCodecs-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstCuda-1_0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstDxva-1_0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstGL-1_0

suse enterprise server 15 SP1

1.12.5-150000.3.9.1

fixed

typelib-1_0-GstInsertBin-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstMpegts-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstMse-1_0

suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstPlay-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstPlayer-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP1	1.12.5-150000.3.9.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstVa-1_0

suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

typelib-1_0-GstWebRTC-1_0

suse enterprise desktop 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise desktop 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise desktop 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise sap 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise sap 15 SP7	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP2	1.16.3-150200.4.7.2 fixed
suse enterprise server 15 SP3	1.16.3-150300.9.15.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.3.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.3.3.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.2.2 fixed
suse enterprise server 15 SP7	1.24.0-150600.2.2 fixed

Common Weakness Enumeration

References

https://gstreamer.freedesktop.org/security/sa-2023-0002.html

https://www.zerodayinitiative.com/advisories/ZDI-23-902/

https://gstreamer.freedesktop.org/security/sa-2023-0002.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGQEFZ6ZB3C2XU4JQD3IAFMQIN456W2D/

https://www.zerodayinitiative.com/advisories/ZDI-23-902/