Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-40476

Published: 28 September 2023

[Integer overflow in H.265 video parser leading to stack overwrite]

Priority

Medium

Status

Package Release Status
gst-plugins-bad0.10
Launchpad, Ubuntu, Debian
trusty Needs triage

xenial Ignored
(end of standard support)
bionic Ignored
(end of standard support)
focal Does not exist

jammy Does not exist

lunar Does not exist

upstream Needs triage

mantic Does not exist

gst-plugins-bad1.0
Launchpad, Ubuntu, Debian
trusty Needs triage

xenial Needs triage

bionic Needs triage

upstream Needs triage

focal
Released (1.16.3-0ubuntu1.1)
jammy
Released (1.20.3-0ubuntu1.1)
lunar
Released (1.22.1-1ubuntu1.1)
mantic
Released (1.22.4-1ubuntu1.1)
Patches:
upstream: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ff91a3d8d6f7e2412c44663bf30fad5c7fdbc9d9
upstream: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/fddda166222a067d0e511950a0a8cfb9f5a521b7 (1.22.6)