Debian Linux CVE-2022-1925
Severity: HIGH
CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description (NVD)
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks.
Analysis (AI)
A heap overflow vulnerability exists in GStreamer's matroskaparse element due to an integer overflow in the gst_matroska_decompress_data function when processing MKV files with HEADERSTRIP decompression. While the matroskaparse element lacks proper size checks making it vulnerable, the more commonly used matroskademux element has restrictions that prevent exploitation. A proof-of-concept exploit is publicly available, though the EPSS score indicates a relatively low (4%) probability of real-world exploitation.
Technical Context (AI)
GStreamer is a multimedia framework used for creating streaming media applications, with the affected versions identified through CPE as all versions prior to the fix (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*). The vulnerability stems from a classic heap-based buffer overflow (CWE-122) where integer overflow during decompression calculations leads to undersized buffer allocation. The matroskaparse element processes Matroska/MKV container files and specifically fails to validate chunk sizes during HEADERSTRIP decompression, while the matroskademux element (used for actual playback) includes protective size restrictions.
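The size arithmetic behind this bug class, as an added example that is not GStreamer's code: header-strip restoration prepends the stripped header bytes to the chunk payload, so the output size is the sum of two lengths. The function names, the 32-bit length type and the MAX_CHUNK_SIZE cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed policy cap on a restored chunk (hypothetical value). */
#define MAX_CHUNK_SIZE (64u * 1024u * 1024u)

/* Unchecked 32-bit size computation: wraps modulo 2^32, so a buffer
 * allocated from it can be far smaller than the bytes later copied. */
uint32_t unchecked_total(uint32_t hdr_len, uint32_t data_len)
{
    return hdr_len + data_len;
}

/* Checked computation: 0 on success, -1 if the sum wraps or exceeds the cap. */
int checked_total(uint32_t hdr_len, uint32_t data_len, uint32_t *total)
{
    if (hdr_len > UINT32_MAX - data_len)
        return -1;                      /* addition would wrap */
    if (hdr_len + data_len > MAX_CHUNK_SIZE)
        return -1;                      /* larger than any sane chunk */
    *total = hdr_len + data_len;
    return 0;
}

/* Header-strip restore: output = stripped header bytes + chunk payload.
 * Returns a malloc'd buffer (caller frees) or NULL when sizes are rejected. */
uint8_t *headerstrip_restore(const uint8_t *hdr, uint32_t hdr_len,
                             const uint8_t *data, uint32_t data_len,
                             uint32_t *out_len)
{
    uint32_t total;
    uint8_t *buf;
    if (checked_total(hdr_len, data_len, &total) != 0)
        return NULL;                    /* reject before allocating or copying */
    buf = malloc(total ? total : 1);
    if (buf == NULL)
        return NULL;
    if (hdr_len) memcpy(buf, hdr, hdr_len);
    if (data_len) memcpy(buf + hdr_len, data, data_len);
    *out_len = total;
    return buf;
}

int main(void)
{
    /* Constructed lengths: the unchecked sum wraps to 0x10 bytes. */
    return unchecked_total(0x20u, 0xFFFFFFF0u) == 0x10u ? 0 : 1;
}
```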
Remediation (AI)
Apply the security updates provided by your distribution immediately - Debian users should install DSA-5204 updates, while other distributions should check for GStreamer updates that address CVE-2022-1925. For systems that cannot be immediately patched, consider restricting access to untrusted MKV files and disabling matroskaparse element usage where possible. Monitor the upstream GitLab issue at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 for additional patches and verify updates are applied through your package manager.