CVE-2025-47808
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
Analysis
A null pointer dereference vulnerability exists in GStreamer's subparse plugin, specifically in the tmplayer_parse_line function when it processes malformed subtitle files. It affects GStreamer through version 1.26.1 and can be triggered by an unauthenticated attacker over the network with moderate complexity, resulting in an application crash (denial of service) and potential information disclosure. A public proof-of-concept exploit is available, but the EPSS score of 0.09% (25th percentile) indicates a relatively low real-world exploitation probability despite PoC availability.
Technical Context
GStreamer is a multimedia framework that handles audio and video processing across multiple platforms. The subparse plugin is responsible for parsing subtitle formats, including the TMPlayer subtitle format. The vulnerability exists in the tmplayer_parse_line function (CWE-476: Null Pointer Dereference), where insufficient input validation or bounds checking on subtitle file contents allows the parser to dereference a NULL pointer during processing. This occurs when the parser encounters malformed subtitle entries that lack expected data structures or contain unexpected formatting. The affected software is identified via CPE (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*), indicating all versions of GStreamer up to and including 1.26.1 are vulnerable.
Affected Products
GStreamer through version 1.26.1 is affected as confirmed by the CVE description and vendor advisory at https://gstreamer.freedesktop.org/security/. The CPE notation (cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*) indicates that all versions up to 1.26.1 are vulnerable. The subparse plugin is a component of the core GStreamer distribution, affecting any deployment or application that relies on GStreamer for multimedia handling and subtitle processing. Specific patched version information should be obtained from the official GStreamer security advisory and the Atredis Partners advisory at https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md.
Remediation
Upgrade GStreamer to the patched version released after 1.26.1; consult the official GStreamer security advisory at https://gstreamer.freedesktop.org/security/ for the exact fixed version number and installation instructions. If immediate patching is not possible, implement validation and sanitization of subtitle files before passing them to the GStreamer parser, restrict subtitle source inputs to trusted and verified files only, and consider deploying media applications in sandboxed environments to limit crash impact. For applications consuming untrusted subtitle files from network sources, enforce strict input validation and error handling to gracefully manage malformed subtitle content.
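As an added defensive example that is not part of this advisory or of GStreamer itself: a pre-check an application can run on an untrusted subtitle file before handing it to the parser, rejecting anything that does not have the expected TMPlayer line shape. The cue-line shape (H[H]:MM:SS:text or H[H]:MM:SS,N=text), the size limits and the sample inputs are assumptions constructed for this example, not details taken from the advisory.

```python
import re

# Assumed TMPlayer cue shape for this example (not from the advisory):
#   H:MM:SS:text  /  HH:MM:SS:text  /  H:MM:SS,N=text  /  HH:MM:SS,N=text
# Text may be empty (a cue that clears the display) but may not contain
# control characters other than TAB.
_CUE_RE = re.compile(
    r"^(?P<h>\d{1,2}):(?P<m>\d{2}):(?P<s>\d{2})"
    r"(?:,(?P<n>\d)=|:)"
    r"(?P<text>[^\x00-\x08\x0a-\x1f\x7f]*)$"
)

MAX_LINE_LEN = 512     # assumed sane upper bound for one cue line
MAX_LINES = 20000      # assumed sane upper bound for a whole file


def check_tmplayer(data: bytes) -> list:
    """Return a list of (line_no, reason) findings for a candidate TMPlayer
    file. An empty list means every line has the expected shape and the
    file may be passed on to the subtitle parser."""
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError as exc:
        return [(0, f"not valid UTF-8: {exc.reason}")]
    if "\x00" in text:
        return [(0, "embedded NUL byte")]
    lines = text.splitlines()
    if len(lines) > MAX_LINES:
        return [(0, f"too many lines ({len(lines)} > {MAX_LINES})")]
    findings = []
    for no, line in enumerate(lines, 1):
        if not line.strip():
            continue  # blank separator lines are tolerated
        if len(line) > MAX_LINE_LEN:
            findings.append((no, "line too long"))
            continue
        m = _CUE_RE.match(line)
        if m is None:
            findings.append((no, "does not match H[H]:MM:SS[,N](:|=)text"))
            continue
        if int(m["m"]) > 59 or int(m["s"]) > 59:
            findings.append((no, "minutes/seconds out of range"))
    return findings


def is_acceptable_tmplayer(data: bytes) -> bool:
    """True only when check_tmplayer() reports no findings."""
    return not check_tmplayer(data)


# Constructed sample inputs for this example.
SAMPLE_OK = b"00:00:01:Hello\n0:00:05,1=Second cue\n\n00:00:09:\n"
SAMPLE_BAD = b"00:00:01:Hello\n00:61:00:bad minute\nnot a cue\n"
```

Files that fail the check are refused up front, so a malformed entry never reaches tmplayer_parse_line; the limits and shape should be tuned to what your application actually expects to receive.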