Fluid Attacks Database

Description

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a specially crafted VMnc file, potentially causing a crash or information disclosure.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
rpm rhel7	gstreamer1-plugins-bad-free	-
rpm rhel9	gstreamer1-plugins-bad-free	-
rpm rhel6	gstreamer-plugins-bad-free	-
rpm rhel10	gstreamer1-plugins-bad-free	-
rpm rhel8	gstreamer1-plugins-bad-free	-
debian 11	gst-plugins-bad1.0	=1.18.4-3 \|\| =1.18.4-3+deb11u1 \|\| =1.18.4-3+deb11u2 \|\| =1.18.4-3+deb11u3 \|\| =1.18.4-3+deb11u4 \|\| =1.18.4-3+deb11u5 \|\| =1.18.4-3+deb11u6 \|\| =1.18.5-1 \|\| =1.19.90-1 \|\| =1.20.0-1 \|\| =1.20.0-2 \|\| =1.20.0-3 \|\| =1.20.0-4 \|\| =1.20.1-1 \|\| =1.20.1-2 \|\| =1.20.2-1 \|\| =1.20.3-1 \|\| =1.20.3-2 \|\| =1.20.4-1 \|\| =1.20.5-1 \|\| =1.22.0-1 \|\| =1.22.0-2 \|\| =1.22.0-3 \|\| =1.22.0-4 \|\| =1.22.1-1 \|\| =1.22.10-1 \|\| =1.22.3-1 \|\| =1.22.3-2 \|\| =1.22.4-1 \|\| =1.22.7-1 \|\| =1.22.8-1 \|\| =1.22.9-1 \|\| =1.22.9-2 \|\| =1.23.1-1 \|\| =1.23.2-1 \|\| =1.23.90-1 \|\| =1.24.0-1 \|\| =1.24.1-1 \|\| =1.24.1-2 \|\| =1.24.1-3 \|\| =1.24.1-4 \|\| =1.24.10-1 \|\| =1.24.10-2 \|\| =1.24.10-2+hurd.1 \|\| =1.24.10-3 \|\| =1.24.11-1 \|\| =1.24.11-2 \|\| =1.24.11-3 \|\| =1.24.12-1 \|\| =1.24.12-2 \|\| =1.24.12-3 \|\| =1.24.2-1 \|\| =1.24.2-2 \|\| =1.24.2-3 \|\| =1.24.2-4 \|\| =1.24.3-1 \|\| =1.24.4-1 \|\| =1.24.4-2 \|\| =1.24.5-1 \|\| =1.24.6-1 \|\| =1.24.7-1 \|\| =1.24.8-1 \|\| =1.24.8-2 \|\| =1.24.9-1 \|\| =1.25.1-1 \|\| =1.25.1-2 \|\| =1.25.1-3 \|\| =1.25.50-1 \|\| =1.25.90-1 \|\| =1.25.90-2 \|\| =1.25.90-3 \|\| =1.26.0-1 \|\| =1.26.1-1 \|\| =1.26.10-1 \|\| =1.26.10-2 \|\| =1.26.2-1 \|\| =1.26.2-2 \|\| =1.26.2-3 \|\| =1.26.3-1 \|\| =1.26.4-1 \|\| =1.26.5-1 \|\| =1.26.5-2 \|\| =1.26.6-1 \|\| =1.26.6-2 \|\| =1.26.6-3 \|\| =1.26.6-4 \|\| =1.26.6-5 \|\| =1.26.7-1 \|\| =1.26.7-2 \|\| =1.26.8-1 \|\| =1.26.9-1 \|\| =1.27.1-1 \|\| =1.27.2-1 \|\| =1.27.50-1 \|\| =1.27.90-1 \|\| =1.27.90-2 \|\| =1.27.90-3 \|\| =1.28.0-1 \|\| =1.28.1-1 \|\| =1.28.1-2 \|\| =1.28.1-3 \|\| =1.28.2-1 \|\| =1.28.2-2 \|\| =1.28.3-1 \|\| =1.28.4-1 \|\| =1.29.1-1
debian 12	gst-plugins-bad1.0	=1.22.0-4 \|\| =1.22.0-4+deb12u1 \|\| =1.22.0-4+deb12u2 \|\| =1.22.0-4+deb12u3 \|\| =1.22.0-4+deb12u4 \|\| =1.22.0-4+deb12u5 \|\| =1.22.0-4+deb12u6 \|\| =1.22.0-4+deb12u7 \|\| =1.22.1-1 \|\| =1.22.10-1 \|\| =1.22.3-1 \|\| =1.22.3-2 \|\| =1.22.4-1 \|\| =1.22.7-1 \|\| =1.22.8-1 \|\| =1.22.9-1 \|\| =1.22.9-2 \|\| =1.23.1-1 \|\| =1.23.2-1 \|\| =1.23.90-1 \|\| =1.24.0-1 \|\| =1.24.1-1 \|\| =1.24.1-2 \|\| =1.24.1-3 \|\| =1.24.1-4 \|\| =1.24.10-1 \|\| =1.24.10-2 \|\| =1.24.10-2+hurd.1 \|\| =1.24.10-3 \|\| =1.24.11-1 \|\| =1.24.11-2 \|\| =1.24.11-3 \|\| =1.24.12-1 \|\| =1.24.12-2 \|\| =1.24.12-3 \|\| =1.24.2-1 \|\| =1.24.2-2 \|\| =1.24.2-3 \|\| =1.24.2-4 \|\| =1.24.3-1 \|\| =1.24.4-1 \|\| =1.24.4-2 \|\| =1.24.5-1 \|\| =1.24.6-1 \|\| =1.24.7-1 \|\| =1.24.8-1 \|\| =1.24.8-2 \|\| =1.24.9-1 \|\| =1.25.1-1 \|\| =1.25.1-2 \|\| =1.25.1-3 \|\| =1.25.50-1 \|\| =1.25.90-1 \|\| =1.25.90-2 \|\| =1.25.90-3 \|\| =1.26.0-1 \|\| =1.26.1-1 \|\| =1.26.10-1 \|\| =1.26.10-2 \|\| =1.26.2-1 \|\| =1.26.2-2 \|\| =1.26.2-3 \|\| =1.26.3-1 \|\| =1.26.4-1 \|\| =1.26.5-1 \|\| =1.26.5-2 \|\| =1.26.6-1 \|\| =1.26.6-2 \|\| =1.26.6-3 \|\| =1.26.6-4 \|\| =1.26.6-5 \|\| =1.26.7-1 \|\| =1.26.7-2 \|\| =1.26.8-1 \|\| =1.26.9-1 \|\| =1.27.1-1 \|\| =1.27.2-1 \|\| =1.27.50-1 \|\| =1.27.90-1 \|\| =1.27.90-2 \|\| =1.27.90-3 \|\| =1.28.0-1 \|\| =1.28.1-1 \|\| =1.28.1-2 \|\| =1.28.1-3 \|\| =1.28.2-1 \|\| =1.28.2-2 \|\| =1.28.3-1 \|\| =1.28.4-1 \|\| =1.29.1-1
debian 13	gst-plugins-bad1.0	=1.26.10-1 \|\| =1.26.10-2 \|\| =1.26.2-3 \|\| =1.26.2-3+deb13u1 \|\| =1.26.3-1 \|\| =1.26.4-1 \|\| =1.26.5-1 \|\| =1.26.5-2 \|\| =1.26.6-1 \|\| =1.26.6-2 \|\| =1.26.6-3 \|\| =1.26.6-4 \|\| =1.26.6-5 \|\| =1.26.7-1 \|\| =1.26.7-2 \|\| =1.26.8-1 \|\| =1.26.9-1 \|\| =1.27.1-1 \|\| =1.27.2-1 \|\| =1.27.50-1 \|\| =1.27.90-1 \|\| =1.27.90-2 \|\| =1.27.90-3 \|\| =1.28.0-1 \|\| =1.28.1-1 \|\| =1.28.1-2 \|\| =1.28.1-3 \|\| =1.28.2-1 \|\| =1.28.2-2 \|\| =1.28.3-1 \|\| =1.28.4-1 \|\| =1.29.1-1
debian 14	gst-plugins-bad1.0	=1.26.10-1 \|\| =1.26.10-2 \|\| =1.26.2-3 \|\| =1.26.3-1 \|\| =1.26.4-1 \|\| =1.26.5-1 \|\| =1.26.5-2 \|\| =1.26.6-1 \|\| =1.26.6-2 \|\| =1.26.6-3 \|\| =1.26.6-4 \|\| =1.26.6-5 \|\| =1.26.7-1 \|\| =1.26.7-2 \|\| =1.26.8-1 \|\| =1.26.9-1 \|\| =1.27.1-1 \|\| =1.27.2-1 \|\| =1.27.50-1 \|\| =1.27.90-1 \|\| =1.27.90-2 \|\| =1.27.90-3 \|\| =1.28.0-1 \|\| =1.28.1-1 \|\| =1.28.1-2 \|\| =1.28.1-3 \|\| =1.28.2-1 \|\| =1.28.2-2 \|\| =1.28.3-1 \|\| =1.28.4-1 \|\| =1.29.1-1
rpm rhel7	gstreamer-plugins-bad-free	-

Aliases

1. CVE-2026-527222. NVD-2026-527223. OSV-2026-527224. OSV-DEBIAN-2026-527225. SECURITY-TRACKER-CVE-2026-52722

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.