Debian Linux
CVE-2022-1921
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
AnalysisAI
An integer overflow vulnerability in GStreamer's AVI demux element allows attackers to trigger a heap overwrite when parsing malicious AVI files, potentially leading to arbitrary code execution. The vulnerability affects GStreamer on Debian Linux systems and requires user interaction to exploit (opening a malicious file). A public proof-of-concept exploit is available, though real-world exploitation remains low with an EPSS score of 0.06%.
Technical ContextAI
The vulnerability resides in the gst_avi_demux_invert function within GStreamer, an open-source multimedia framework used for creating streaming media applications. According to the CPE data, the flaw affects all versions of GStreamer (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*) as well as Debian Linux 10.0 and 11.0. The root cause is CWE-190 (Integer Overflow or Wraparound), where arithmetic operations on integer values produce results that exceed the maximum size the integer type can represent, leading to unexpected behavior and memory corruption.
RemediationAI
Apply the security updates provided by Debian through their official channels - DSA-5204 for Debian 11 (Bullseye) and the LTS announcement for Debian 10 (Buster). Users should update their GStreamer packages using standard package management commands (apt update && apt upgrade). As a temporary mitigation until patching is complete, avoid processing untrusted AVI files with GStreamer-based applications and consider implementing file validation or sandboxing for media processing workflows. The upstream fix is tracked at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224.
More in Debian Linux
View allRoundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au
GNU Inetutils telnetd through version 2.7 contains a critical authentication bypass that allows remote attackers to gain
Erlang/OTP SSH server allows unauthenticated remote code execution by exploiting a flaw in SSH protocol message handling
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction wi
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary
Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to e
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.2
Same weakness CWE-190 – Integer Overflow or Wraparound
View allShare
External POC / Exploit Code
Leaving vuln.today