What is the CVSS score of CVE-2022-1920?

CVE-2022-1920 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Debian Linux are affected by CVE-2022-1920?

CVE-2022-1920 presents notable security risk, a heap-based buffer overflow vulnerability rated CVSS 7.8.

Is there a public PoC exploit available for CVE-2022-1920?

Yes, a public proof-of-concept exploit is available for CVE-2022-1920. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2022-1920?

Within 7 days: Identify all affected systems running matroskademux element in gst_matroska_demux_add_wvpk_header and apply vendor patches promptly. If patching is delayed, consider network segmentation to limit exposure.

Debian Linux CVE-2022-1920

HIGH

Heap-based Buffer Overflow (CWE-122)

2022-07-19 secalert@redhat.com

RCE Debian Linux Gstreamer

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 17, 2026 - 20:45 vuln.today

PoC Detected

Mar 17, 2026 - 15:52 vuln.today

Public exploit code

CVE Published

Jul 19, 2022 - 20:15 nvd

HIGH 7.8

DescriptionNVD

Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.

AnalysisAI

An integer overflow vulnerability in the GStreamer multimedia framework's matroska demuxer allows heap memory corruption when parsing specially crafted Matroska video files. The vulnerability affects GStreamer versions across multiple Linux distributions and can lead to arbitrary code execution through heap overwrite, requiring only local access and user interaction to open a malicious file. A public proof-of-concept exploit is available, though real-world exploitation remains relatively low with an EPSS score of 0.07%.

Technical ContextAI

The vulnerability resides in the matroskademux element of GStreamer, specifically in the gst_matroska_demux_add_wvpk_header function that processes Matroska (MKV) container files. According to the CPE data, this affects the core GStreamer library (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*) as well as specific implementations in Debian Linux 10.0 and 11.0. The root cause is CWE-122 (Heap-based Buffer Overflow), where an integer overflow during header parsing calculations leads to insufficient memory allocation, allowing subsequent operations to write beyond allocated heap boundaries.

RemediationAI

Apply the security updates provided by your Linux distribution immediately - Debian users should install the patches referenced in DSA-5204 at https://www.debian.org/security/2022/dsa-5204 and the LTS announcement at https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html. For systems that cannot be immediately patched, implement compensating controls by restricting access to untrusted Matroska files and using sandboxed media players or containers when processing video files from unknown sources. Monitor the upstream GStreamer issue at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226 for additional patch information.

CVE-2022-1920 vulnerability details – vuln.today

Back

Debian Linux CVE-2022-1920

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code