| Package | gst-plugins-base1.0 |
|---|---|
| Version | 1.10.4-1+deb9u7 (stretch), 1.14.4-2+deb10u6 (buster) |
| Related CVEs | CVE-2026-2921 |
An integer overflow was discovered in the RIFF parser of the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
For Debian 10 buster, these problems have been fixed in version 1.14.4-2+deb10u6.
For Debian 9 stretch, these problems have been fixed in version 1.10.4-1+deb9u7.
We recommend that you upgrade your gst-plugins-base1.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.