VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 25, 2021· Updated Aug 3, 2024

CVE-2021-3185

CVE-2021-3185

Description

A stack buffer overflow in GStreamer's H.264 parser (gst-plugins-bad before 1.18.1) allows remote code execution via a crafted H.264 header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A stack buffer overflow in GStreamer's H.264 parser (gst-plugins-bad before 1.18.1) allows remote code execution via a crafted H.264 header.

Vulnerability

A stack buffer overflow vulnerability exists in the gst_h264_slice_parse_dec_ref_pic_marking function within the H.264 parsing component of gst-plugins-bad versions before 1.18.1. When parsing a specially crafted H.264 slice header, insufficient bounds checking can cause memory corruption on the stack, potentially allowing an attacker to overwrite adjacent stack data [1]. The bug resides in the GStreamer multimedia framework's handling of H.264 decoding reference picture marking syntax elements [1].

Exploitation

An attacker can exploit this vulnerability by providing a malicious H.264 stream (e.g., a crafted video file) to an application that uses GStreamer's affected H.264 decoder. No special authentication or elevated privileges are required; the attack vector is typically a malformed media file that triggers the parsing error. The vulnerable code path is reached when the gst_h264_slice_parse_dec_ref_pic_marking function processes the reference picture marking information from the stream's slice header [1].

Impact

Successful exploitation results in stack memory corruption, which can be leveraged to achieve arbitrary code execution in the context of the GStreamer process. This can lead to full compromise of the affected application, including data exfiltration or further system compromise. The vulnerability is rated as medium severity with a CVSS score of 5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) [1].

Mitigation

The vulnerability is fixed in GStreamer gst-plugins-bad version 1.18.1 and later [1]. For affected distributions (e.g., Red Hat Enterprise Linux, Fedora, Gentoo), updates should be applied as available. Gentoo has released a GLSA recommending upgrade to >=media-libs/gst-plugins-bad-1.20.2 [2]. No workaround is known for unpatched versions [2].

References
  1. 1917192 – (CVE-2021-3185) CVE-2021-3185 gstreamer: buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking
  2. Multiple Vulnerabilities (GLSA 202208-31) — Gentoo security

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

59

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

2

News mentions

0

No linked articles in our index yet.