Skip to main content

Debian Linux CVE-2022-1923

HIGH
Heap-based Buffer Overflow (CWE-122)
2022-07-19 secalert@redhat.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 17, 2026 - 20:45 vuln.today
PoC Detected
Mar 17, 2026 - 15:52 vuln.today
Public exploit code
CVE Published
Jul 19, 2022 - 20:15 nvd
HIGH 7.8

DescriptionCVE.org

DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.

AnalysisAI

An integer overflow vulnerability in GStreamer's matroska demuxer can cause denial of service through segmentation faults or potentially allow heap memory corruption when processing malformed MKV files with bzip compression. The vulnerability affects GStreamer versions prior to patches released in 2022, with proof-of-concept exploits publicly available and an EPSS score of 0.04% indicating low but non-zero exploitation probability. While not currently in CISA's KEV catalog, the vulnerability requires only local access with user interaction to exploit, achieving high impact across confidentiality, integrity, and availability.

Technical ContextAI

The vulnerability exists in the matroskademux element of GStreamer, a popular multimedia framework, specifically in the bzip decompression function used when parsing MKV (Matroska) container files. According to the CPE data, all versions of GStreamer (cpe:2.3:a:gstreamer:gstreamer:*) are affected, along with Debian Linux 10.0 and 11.0. The root cause is CWE-122 (Heap-based Buffer Overflow), where an integer overflow during memory reallocation can lead to writing beyond allocated heap boundaries. The security impact varies based on the libc implementation and operating system memory management capabilities - systems using mmap for large allocations will experience only denial of service, while others may suffer heap corruption.

RemediationAI

Apply the security updates provided by your distribution immediately - Debian users should install the patches referenced in DSA-5204 (https://www.debian.org/security/2022/dsa-5204) and the LTS announcement (https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html). For systems that cannot be immediately patched, consider implementing application-level controls to prevent processing of untrusted MKV files or disable bzip decompression support in GStreamer if not required. Monitor the upstream GStreamer issue tracker at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 for additional updates and verify successful patching by testing with the proof-of-concept if available in a controlled environment.

CVE-2025-49113 CRITICAL POC
9.9 Jun 02

Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au

CVE-2026-24061 CRITICAL POC
9.8 Jan 21

GNU Inetutils telnetd through version 2.7 contains a critical authentication bypass that allows remote attackers to gain

CVE-2025-32433 CRITICAL POC
10.0 Apr 16

Erlang/OTP SSH server allows unauthenticated remote code execution by exploiting a flaw in SSH protocol message handling

CVE-2017-11610 HIGH POC
8.8 Aug 23

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem

CVE-2015-0235 CRITICAL POC
10.0 Jan 28

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,

CVE-2014-3704 HIGH POC
7.5 Oct 16

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct

CVE-2013-0156 HIGH POC
7.5 Jan 13

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an

CVE-2017-12629 CRITICAL POC
9.8 Oct 14

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction wi

CVE-2017-14492 CRITICAL POC
9.8 Oct 03

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut

CVE-2014-2323 CRITICAL POC
9.8 Mar 14

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary

CVE-2016-2098 HIGH POC
7.3 Apr 07

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to e

CVE-2016-6662 CRITICAL POC
9.8 Sep 20

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.2

Share

CVE-2022-1923 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy