GStreamer CVE-2017-5840
HIGHSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
AnalysisAI
A buffer overflow vulnerability in GStreamer's MP4/QuickTime demuxer allows remote attackers to cause denial of service through out-of-bounds heap memory reads. The vulnerability affects GStreamer versions before 1.10.3 and can be triggered by processing specially crafted MP4 files, making it a concern for applications that process untrusted media content. With an EPSS score of 6.86% (91st percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild.
Technical ContextAI
The vulnerability resides in the qtdemux_parse_samples function within the gst/isomp4/qtdemux.c file of the gst-plugins-good component, which is responsible for parsing MP4 and QuickTime media containers. Based on the CPE identifier (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*), all GStreamer installations prior to version 1.10.3 are affected. The issue is classified as CWE-125 (Out-of-bounds Read), occurring when the code improperly handles the current stts (time-to-sample) index while parsing sample data from media files, allowing reads beyond allocated heap memory boundaries.
RemediationAI
Upgrade GStreamer to version 1.10.3 or later, which contains the fix for this vulnerability as documented in the official GStreamer release notes at https://gstreamer.freedesktop.org/releases/1.10/#1.10.3. For distribution-specific updates, apply the security patches provided: Debian users should reference DSA-3820, Red Hat users should apply RHSA-2017:2060, and Gentoo users should follow GLSA-201705-10. As a temporary mitigation until patching is possible, restrict processing of untrusted MP4/QuickTime files and implement input validation or sandboxing for media processing operations.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today