MGASA-2017-0320

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844

Published: 29 Aug 2017, 20:36

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

29 Aug 2017, 20:36

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated gstreamer0.10-plugins-base and gstreamer1.0-plugins-base packages fix security vulnerabilities Denial of service in GStreamer base plugins can be caused by floating point exceptions (CVE-2017-5837, CVE-2017-5844), stack overflow (CVE-2017-5839), or out-of-bounds heap read (CVE-2017-5842). Note that GStreamer 0.10 was only affected by the floating point exceptions.

Affected Systems

mageia•gstreamer0.10-plugins-base
< 0.10.36-9.2.mga5
mageia•gstreamer1.0-plugins-base
< 1.4.3-2.2.mga5

References (4)

https://advisories.mageia.org/MGASA-2017-0320.html
https://bugs.mageia.org/show_bug.cgi?id=20236
http://openwall.com/lists/oss-security/2017/02/02/9
https://lwn.net/Alerts/714996/