Description
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.
Published: 2026-06-15
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from out-of-bounds reads in GStreamer’s pcapparse element when it processes malformed PCAP records during IPv4/TCP header parsing. This flaw, identified as CWE‑125, can lead to accidental disclosure of memory contents or a program crash. The element is mainly used in debugging pipelines, which limits the typical exposure but still poses a risk if a local attacker can supply a crafted PCAP file to a victim’s system.

Affected Systems

Red Hat Enterprise Linux 10, 6, 7, 8, and 9 are affected through the GStreamer gstreamer1‑plugins‑bad‑free package that contains the vulnerable pcapparse element. Any system running one of these RHEL releases with the default GStreamer debugging components is susceptible.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate risk, and the EPSS score of < 1 % suggests a very low likelihood of exploitation. Because the flaw requires a local attacker to compel a user to load a specially crafted PCAP file, the attack vector is likely local and relies on user interaction. The vulnerability is not listed in the CISA KEV catalog, further indicating a lower exploit probability in the wild. The vendor has stated no practical temporary workaround is available, so the only mitigation is applying the patch.

Generated by OpenCVE AI on June 18, 2026 at 01:14 UTC.

Remediation

Vendor Workaround

Red Hat is not aware of a practical temporary workaround that fully mitigates this issue or meets Red Hat Product Security's standards for usability, deployment, applicability, or stability.


OpenCVE Recommended Actions

  • Update the gstreamer1‑plugins‑bad‑free package to the latest patched release available from your vendor.
  • Remove or disable any debugging pipelines that process PCAP files on production systems.
  • Avoid allowing untrusted PCAP files to be processed by GStreamer and monitor for unexpected crashes that may indicate exploitation.

Generated by OpenCVE AI on June 18, 2026 at 01:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Gstreamer Project
Gstreamer Project gstreamer Plugin
Vendors & Products Gstreamer Project
Gstreamer Project gstreamer Plugin

Tue, 16 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Mon, 15 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 15 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Description Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.
Title Gstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsing
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-125
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H'}


Subscriptions

Gstreamer Project Gstreamer Plugin
Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-06-15T19:39:06.995Z

Reserved: 2026-06-08T11:07:26.009Z

Link: CVE-2026-52721

cve-icon Vulnrichment

Updated: 2026-06-15T19:38:53.892Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-15T20:16:32.700

Modified: 2026-06-15T21:09:52.020

Link: CVE-2026-52721

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-15T00:00:00Z

Links: CVE-2026-52721 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:45:53Z

Weaknesses