Bugzilla – Bug 1184735
VUL-0: CVE-2021-3498: gstreamer-plugins-good: Heap corruption in matroska demuxing
Last modified: 2024-05-16 12:40:57 UTC
rh#1945342 GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. References: https://gstreamer.freedesktop.org/security/sa-2021-0003.html https://gstreamer.freedesktop.org/releases/1.18/#1.18.4 References: https://bugzilla.redhat.com/show_bug.cgi?id=1945342 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3498
# maintenance_jira_update_notice openSUSE-SU-2021:2915-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1184735,1184739 CVE References: CVE-2021-3497,CVE-2021-3498 JIRA References: Sources used: openSUSE Leap 15.3 (src): gstreamer-plugins-good-1.16.3-3.6.1
# maintenance_jira_update_notice SUSE-SU-2021:2915-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1184735,1184739 CVE References: CVE-2021-3497,CVE-2021-3498 JIRA References: Sources used: SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): gstreamer-plugins-good-1.16.3-3.6.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): gstreamer-plugins-good-1.16.3-3.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
# maintenance_jira_update_notice openSUSE-SU-2021:1230-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1184735,1184739 CVE References: CVE-2021-3497,CVE-2021-3498 JIRA References: Sources used: openSUSE Leap 15.2 (src): gstreamer-plugins-good-1.16.3-lp152.2.6.1
Cleaning up GNOME CVE backlog. The fix has been submitted and accepted. Assign back to security team.