Wind River Support Network

HomeDefectsLIN8-5899

Fixed

LIN8-5899 : Security Advisory - gstreamer - CVE-2017-5839

Created: Feb 27, 2017 Updated: Dec 3, 2018

Resolved Date: Mar 17, 2017

Found In Version: 8.0.0.14

Fix Version: 8.0.0.16

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5839

Other Downloads

Wind River Linux 8.0.0.16
Wind River Linux 8.0.0.17
Wind River Linux 8.0.0.18
Wind River Linux 8.0.0.19
Wind River Linux 8.0.0.20
Wind River Linux 8.0.0.21
Wind River Linux 8.0.0.22
Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-5839