Upstream information
Description
A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using re_skip_pascal_string() without validating that offsets remain within the mapped buffer. Additionally, the element count controlling the parsing loop is read from attacker-controlled data without validation, which can cause an infinite loop. A crafted RealMedia file can cause the application to crash, hang, or potentially read limited adjacent memory contents.SUSE information
Overall state of this security issue: Pending
This issue is currently rated as having important severity.
| CVSS detail | CNA (Red Hat) | SUSE |
|---|---|---|
| Base Score | 7.1 | 7.1 |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H |
| Attack Vector | Network | Network |
| Attack Complexity | Low | Low |
| Privileges Required | None | None |
| User Interaction | Required | Required |
| Scope | Unchanged | Unchanged |
| Confidentiality Impact | Low | Low |
| Integrity Impact | None | None |
| Availability Impact | High | High |
| CVSSv3 Version | 3.1 | 3.1 |
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.
| Product(s) | Source package | State |
|---|---|---|
| Products under general support and receiving all security fixes. | ||
| SUSE Linux Enterprise Desktop 15 SP7 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server 15 SP7 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server 16.0 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server 16.1 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.1 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | gstreamer-plugins-ugly | Affected |
| openSUSE Leap 16.0 | gstreamer-plugins-ugly | Affected |
| Products under Long Term Service Pack support and receiving important and critical security fixes. | ||
| SUSE Linux Enterprise Server 15 SP6 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | gstreamer-plugins-ugly | Affected |
| Products past their end of life and not receiving proactive updates anymore. | ||
| SUSE Linux Enterprise Desktop 15 SP6 | gstreamer-plugins-ugly | Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP6 | gstreamer-plugins-ugly | Affected |
| openSUSE Leap 15.6 | gstreamer-plugins-ugly | Affected |
SUSE Timeline for this CVE
CVE page created: Mon Jun 15 20:00:16 2026CVE page last modified: Wed Jun 17 20:34:31 2026