Impact
GStreamer’s RealMedia demuxer in the gst-plugins‑ugly package fails to validate offsets when parsing FILEINFO metadata, and it reads the loop‑count value directly from attacker‑controlled data. A crafted RealMedia file can cause the demuxer to read beyond the end of the buffer, potentially leaking limited adjacent memory contents and triggering an infinite loop that leads to an application crash or hang. The vulnerability is a classic out‑of‑bounds read (CWE‑125) and can compromise application availability and confidentiality.
Affected Systems
The issue affects Red Hat Enterprise Linux 7, 8, 9, and 10 systems that include the gstreamer‑plugins‑ugly package (gst‑plugins‑ugly). Any installation that uses GStreamer to process RealMedia files is impacted.
Risk and Exploitability
The CVSS score of 7.1 indicates moderate‑to‑high severity, while the EPSS score of less than 1% suggests that the probability of exploitation is very low at present. The flaw is not listed in CISA’s Known Exploited Vulnerabilities catalog, reinforcing the low likelihood of a widespread exploit. The likely attack vector requires an attacker to supply a specially crafted RealMedia file, which could be delivered via email, an infected website, or a local file that the application processes.
OpenCVE Enrichment