Skip to main content

Matroska Parser CVE-2026-61626

MEDIUM
2026-07-14 vendor:ubuntu
Share

Severity by source

vuln.today AI
8.8 HIGH

Network delivery of a crafted file requires user interaction but no privileges; out-of-bounds write in C/C++ parser creates realistic full-impact potential.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Lifecycle Timeline

2
Analysis Generated
Jul 16, 2026 - 09:31 vuln.today
CVE Published
Jul 14, 2026 - 00:00 cve.org
MEDIUM

DescriptionCVE.org

[GHSA-5gf7-wjfm-vmvm: Out-of-bounds bit clears for negative Matroska ReadOrder values]

AnalysisAI

Out-of-bounds bit clear operations in a Matroska container format parser allow processing of maliciously crafted media files containing negative ReadOrder field values to corrupt memory. The vulnerability arises when a negative integer ReadOrder value is used without adequate sign checking, causing bit-clear write operations to target memory locations outside the intended buffer boundary. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious .mkv file with negative ReadOrder
Delivery
Deliver file to target via download, stream, or upload
Exploit
Target parser processes Matroska container
Execution
Negative ReadOrder used as buffer offset
Persist
Out-of-bounds bit clear corrupts memory
Impact
Crash or code execution

Vulnerability AssessmentAI

Exploitation Exploitation requires that a target system parse or render a specially crafted Matroska file containing a negative ReadOrder field value. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No CVSS score or vector has been assigned in the available data, so quantitative risk signals are absent. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious Matroska (.mkv or .webm) file containing a block with a large negative ReadOrder value and delivers it to a target - via a web download, email attachment, or media streaming endpoint. When the vulnerable parser processes the file, it uses the negative ReadOrder value as an offset for a bit-clear operation, writing outside the intended buffer and corrupting adjacent memory. …
Remediation Consult the GitHub Security Advisory GHSA-5gf7-wjfm-vmvm for the upstream fix commit or patched release version, then apply the corresponding vendor package update through Ubuntu's package manager (apt upgrade). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-61626 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy