CVE-2017-5843
Severity: HIGH
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
Analysis
Multiple use-after-free vulnerabilities exist in GStreamer's handling of MXF (Material eXchange Format) media files, affecting versions prior to 1.10.3. A remote attacker who can get a crafted MXF file demuxed (for example by a media server, transcoding job or thumbnailer that ingests user-supplied content) triggers a use-after-free in the functions that handle stream tags (gst_mini_object_unref, gst_tag_list_unref and gst_mxf_demux_update_essence_tracks), crashing the process and causing a denial of service. With an EPSS score of 7.13% (91st percentile), the vulnerability has a moderate real-world exploitation probability, and the absence of a KEV listing suggests limited active exploitation.
Technical Context
GStreamer is a widely used multimedia framework for audio and video processing on Linux and other platforms; the affected product is identified by CPE cpe:2.3:a:gstreamer:gstreamer. The vulnerability is a CWE-416 (Use After Free) defect: memory is accessed after being freed while the MXF container is parsed and demuxed. Two of the three named functions, gst_mini_object_unref (generic reference counting for GStreamer mini-objects) and gst_tag_list_unref (which drops a reference on tag metadata), belong to the GStreamer core and are where the freed memory is touched; the third, gst_mxf_demux_update_essence_tracks, is the MXF demuxer's track-management routine (mxfdemux, shipped in gst-plugins-bad) whose object-lifecycle handling is at fault when it processes malformed stream tags. Dereferencing freed memory is undefined behaviour; the documented impact is a crash, and the CVSS vector (C:N/I:N/A:H) scores availability only, since no memory-disclosure or code-execution primitive has been demonstrated for this bug. Practitioners should still treat it as memory corruption rather than a mere assertion failure, because the same class of flaw can become more severe under different heap conditions.
Affected Products
GStreamer versions prior to 1.10.3 are affected, as confirmed by CPE cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*. The vulnerability affects multiple Linux distributions, including Debian (addressed in DSA-3818 and later debian-lts announcements), Red Hat Enterprise Linux (RHSA-2017:2060) and Gentoo (GLSA-201705-10). The official vendor advisory is available at https://gstreamer.freedesktop.org/releases/1.10/#1.10.3 and the bug-tracking details can be found at https://bugzilla.gnome.org/show_bug.cgi?id=777503. A proof-of-concept file (02785736.mxf) that reproduces the crash was disclosed in the initial reports.
Remediation
Upgrade GStreamer to version 1.10.3 or later as documented in the official release advisory at https://gstreamer.freedesktop.org/releases/1.10/#1.10.3; because the MXF demuxer ships in gst-plugins-bad, both the core library and that plugin set must be at the fixed version. Distribution-specific patches are available through the Debian (https://www.debian.org/security/2017/dsa-3818), Red Hat (https://access.redhat.com/errata/RHSA-2017:2060) and Gentoo (https://security.gentoo.org/glsa/201705-10) security advisories. Until patching is completed, apply defence-in-depth measures: refuse MXF input from untrusted or unauthenticated sources, run media demuxing in a sandboxed subprocess with reduced privileges, a wall-clock limit and a memory cap so that a crash or hang is contained, and treat any demuxer crash on an incoming file as a signal to quarantine that file. Organizations with automated media processing pipelines should prioritize patching, since a single crafted upload can repeatedly take down a shared transcoding or ingest service.
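The script below is an added example, not code from this page or from the GStreamer project. It implements the two remediation steps above for an automated pipeline: it decides whether the installed GStreamer core and the mxf plugin are below the 1.10.3 fix line, and it probes an MXF file in a subprocess with a time limit and a virtual-memory cap so that a demuxer crash or hang cannot take the host service down. It assumes gst-inspect-1.0, gst-discoverer-1.0 and coreutils timeout are on PATH, that `gst-inspect-1.0 --version` prints a "GStreamer X.Y.Z" line, and that `gst-inspect-1.0 mxfdemux` prints a "Version X.Y.Z" line in its plugin details; the 1 GiB cap and 30-second limit are illustrative choices.

```shell
#!/bin/sh
# Added example for CVE-2017-5843 (not from vuln.today or the GStreamer project).
# 1. Flag a GStreamer core / mxf plugin version older than 1.10.3 as vulnerable.
# 2. Probe an MXF file in a resource-limited subprocess and classify the outcome.
# Assumptions: gst-inspect-1.0, gst-discoverer-1.0 and timeout(1) are on PATH;
# the "GStreamer X.Y.Z" and "Version X.Y.Z" output lines are parsed as shown.

# Exit 0 when version $1 is older than 1.10.3 (vulnerable), 1 when fixed.
# Distro suffixes such as "1.10.3-1" or "1.10.2~rc1" are stripped first; an
# empty or unparsable version is treated as vulnerable (fail closed).
gst_version_vulnerable() {
    v=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')
    # Split X.Y.Z into positional parameters; pad missing components with 0.
    set -- $(printf '%s' "$v" | tr '.' ' ') 0 0 0
    major=$1; minor=$2; micro=$3
    [ "$major" -lt 1 ] && return 0
    [ "$major" -gt 1 ] && return 1
    [ "$minor" -lt 10 ] && return 0
    [ "$minor" -gt 10 ] && return 1
    [ "$micro" -lt 3 ]
}

# Version of the GStreamer core library on PATH (empty if not installed).
installed_core_version() {
    gst-inspect-1.0 --version 2>/dev/null | awk '$1 == "GStreamer" { print $2; exit }'
}

# Version of the plugin providing mxfdemux, i.e. gst-plugins-bad (empty if absent).
installed_mxf_plugin_version() {
    gst-inspect-1.0 mxfdemux 2>/dev/null | awk '$1 == "Version" { print $2; exit }'
}

# Probe an MXF file with gst-discoverer-1.0 under a wall-clock limit and an
# address-space cap. A crash or hang in mxfdemux affects only this subprocess.
probe_mxf_sandboxed() {
    file=$1
    (
        ulimit -v 1048576            # 1 GiB address-space cap in kB (assumed ample)
        exec timeout 30 gst-discoverer-1.0 "$file"
    )
}

# Map the exit status of probe_mxf_sandboxed to a verdict. timeout(1) exits
# 124 on a hang; the shell reports death by signal N as 128+N, so 139 is SIGSEGV.
classify_probe_status() {
    st=$1
    if [ "$st" -eq 0 ]; then echo ok
    elif [ "$st" -eq 124 ]; then echo timeout
    elif [ "$st" -eq 139 ]; then echo crash
    elif [ "$st" -gt 128 ] && [ "$st" -lt 256 ]; then echo killed-by-signal
    else echo error
    fi
}

# Pipeline gate: refuse MXF input outright while core or plugin is unpatched;
# otherwise probe it in the sandbox. Returns 0 only for a clean probe.
admit_mxf() {
    file=$1
    core=$(installed_core_version)
    plugin=$(installed_mxf_plugin_version)
    if gst_version_vulnerable "$core" || gst_version_vulnerable "$plugin"; then
        echo "refused: GStreamer core=${core:-unknown} mxf=${plugin:-unknown} is below 1.10.3"
        return 2
    fi
    if probe_mxf_sandboxed "$file" >/dev/null 2>&1; then st=0; else st=$?; fi
    verdict=$(classify_probe_status "$st")
    echo "$file: $verdict"
    [ "$verdict" = ok ]
}

# Usage: ./check_mxf.sh 02785736.mxf
if [ $# -eq 1 ]; then admit_mxf "$1"; fi
```

A "crash" or "timeout" verdict on a file from an untrusted source is the practical signal to quarantine it and to confirm the patch level of the host; because the gate treats an unknown version as vulnerable, a host where gst-inspect-1.0 is missing from PATH is refused rather than silently passed.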