CVE-2017-5844

Published: 09 February 2017

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
gst-plugins-base0.10
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.10.36-2ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [0.10.36-1.1ubuntu2.1])
gst-plugins-base1.0
Launchpad, Ubuntu, Debian
Upstream
Released (1.10.3-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.8.3-1ubuntu0.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.2.4-1~ubuntu2.1])
Patches:
Upstream: https://github.com/GStreamer/gst-plugins-base/commit/5d505d108800cef210f67dcfed2801ba36beac2a