Skip to main content

GStreamer EUVDEUVD-2026-36800

| CVE-2026-52721 MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-15 redhat GHSA-9qf3-vv3w-6xw5
5.3
CVSS 3.1 · NVD
Share

Severity by source

Vendor (redhat) PRIMARY
MEDIUM
qualitative
NVD
5.3 MEDIUM
AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H
vuln.today AI
5.3 MEDIUM

File-based local delivery (AV:L), precise PCAP crafting required (AC:H), no attacker privileges needed (PR:N), user must actively process file (UI:R); read-only flaw limits impact to partial disclosure and crash.

3.1 AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H
4.0 AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
3.6 MEDIUM
AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
Red Hat
5.3 MEDIUM
qualitative

Primary rating from Vendor (redhat).

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 15, 2026 - 19:57 vuln.today
CVE Published
Jun 15, 2026 - 19:10 cve.org
MEDIUM 5.3

DescriptionNVD

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.

AnalysisAI

Out-of-bounds read vulnerabilities in GStreamer's pcapparse element expose Red Hat Enterprise Linux 6 through 10 users to potential application crashes or limited memory disclosure when processing malformed PCAP files. The flaws reside in IPv4/TCP header parsing logic, where specially crafted PCAP records trigger reads beyond buffer boundaries across multiple code paths. Real-world exposure is materially constrained by pcapparse's restriction to debugging pipelines, the requirement for local user interaction, and high attack complexity; no public exploit or active exploitation has been identified at time of analysis.

Technical ContextAI

The pcapparse element is a GStreamer plugin that ingests PCAP (Packet CAPture) network trace files - a format widely used by network engineers and developers for debugging and traffic replay. GStreamer is a multimedia and data-flow framework distributed as a standard component of Red Hat Enterprise Linux. CWE-125 (Out-of-Bounds Read) identifies the root cause: the parser fails to validate record offsets or lengths before reading IPv4 and TCP header fields from the input buffer, allowing reads into adjacent memory regions. The plural nature of the vulnerability ('multiple' OOB reads) indicates that several distinct code paths within the IPv4/TCP header parsing logic share the same class of bounds-check omission. CPE strings confirm affected deployments span RHEL 6, 7, 8, 9, and 10 as distributed by Red Hat, though upstream GStreamer version ranges are not independently specified in the available intelligence.

RemediationAI

No vendor-released patch with a specific version number has been confirmed at time of analysis. An upstream GitLab work item (https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5106) indicates the issue is being tracked, but no tagged release or merged fix has been independently verified from available data. Monitor the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-52721 and Bugzilla entry https://bugzilla.redhat.com/show_bug.cgi?id=2486732 for patch availability and apply any issued RHSA errata promptly. As an immediate compensating control, disable or remove GStreamer's pcapparse plugin from any environment where it is not actively required for debugging - this directly eliminates the attack surface with no functional impact on production workloads, since pcapparse serves no role outside PCAP debugging pipelines. Additionally, enforce policies against processing PCAP files sourced from untrusted parties using GStreamer tooling.

CVE-2026-4631 CRITICAL POC
9.8 Apr 07

Remote code execution in Cockpit's web interface allows unauthenticated attackers to execute arbitrary commands on the h

CVE-2026-4480 CRITICAL POC
9.0 May 26

Remote code execution in Samba's printing subsystem allows remote attackers to inject arbitrary shell commands via craft

CVE-2026-14544 CRITICAL
9.8 Jul 03

Remote code execution and privilege escalation in HPLIP (HP Linux Imaging and Printing) affects the hpcups print filter

CVE-2026-28369 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow (the embedded web server underpinning JBoss EAP, Red Hat Data Grid, and Apache Camel

CVE-2026-28368 CRITICAL
9.1 Mar 27

HTTP request smuggling in Red Hat Undertow allows remote unauthenticated attackers to bypass front-end security controls

CVE-2026-33845 CRITICAL
9.1 Apr 30

Out-of-bounds read in the GnuTLS DTLS handshake reassembly logic lets remote unauthenticated attackers trigger an intege

CVE-2026-28367 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow allows remote unauthenticated attackers to send `\r\r\r` as a header block terminator

CVE-2026-11610 HIGH
8.8 Jul 07

Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LD

CVE-2026-14474 HIGH
8.8 Jul 07

Local-to-domain-wide root privilege escalation in SSSD's LDAP sudo provider allows an authenticated LDAP directory user

CVE-2026-52720 HIGH
8.8 Jun 15

Heap buffer overflow in GStreamer's librfb (RFB/VNC client) allows a malicious VNC server to corrupt heap memory on a co

CVE-2026-5260 HIGH
8.2 May 26

Information disclosure and denial of service in GnuTLS (libgnutls) let a remote, unauthenticated attacker trigger a heap

CVE-2026-0966 HIGH
8.2 Mar 26

Remote denial-of-service in libssh 0.11.x and earlier allows unauthenticated attackers to crash SSH server daemon proces

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Module for Basesystem 15 SP7 Affected
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Affected
SUSE Linux Enterprise Module for Package Hub 15 SP7 Affected

Share

EUVD-2026-36800 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy