A flaw in GStreamer's gst‑plugins‑bad package allows a 1‑byte heap out‑of‑bounds read when parsing a specially crafted H.264 video that contains malformed MVC or SVC extension slice NAL units. The parser does not first verify that enough data exists beyond the extension header before reading slice boundary information, which triggers the read. The effect can be a program crash or leaking a single byte of heap memory to an attacker. The vulnerability does not provide direct code execution or privilege escalation, but it can lead to application instability or a subtle information disclosure.

Systems running Red Hat Enterprise Linux 10, 6, 7, 8, or 9 that have the gst‑plugins‑bad package installed are affected. No specific version ranges are listed, so all releases within these RHEL families using the default gst‑plugins‑bad package may be vulnerable.

The CVSS score of 4.4 indicates a moderate impact. EPSS is not available, so the known exploitation probability remains uncertain, and the vulnerability is not listed in CISA’s KEV catalog. Attackers would most likely need to persuade or force a user to open a malicious H.264 file, making the vector user‑initiated. Because the flaw only reads a single byte, the immediate risks are limited to denial of service or a small information leak, but the lack of an official workaround means the exposure persists until an update is applied.