CVE-2022-1925
Description
Integer overflow in GStreamer's Matroska parser can cause a heap overflow via crafted mkv files with HEADERSTRIP decompression, though limited by chunk size checks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer overflow in GStreamer's Matroska parser can cause a heap overflow via crafted mkv files with HEADERSTRIP decompression, though limited by chunk size checks.
Vulnerability
An integer overflow vulnerability exists in GStreamer's matroskaparse element within the gst_matroska_decompress_data function during mkv demuxing using HEADERSTRIP decompression. This overflow can lead to a heap overwrite. Affected versions include those before the fix for issue #1225. Note that the matroskademux element has restrictions on chunk sizes that prevent triggering the overflow, but matroskaparse lacks these size checks [1].
Exploitation
An attacker would need to provide a specially crafted Matroska (mkv) file with a malicious HEADERSTRIP compressed chunk that triggers the integer overflow in gst_matroska_decompress_data. Since the issue is in the parser element, the attacker does not need authentication or special network position beyond delivering the file to a user or application that processes it via GStreamer's pipeline using matroskaparse [1].
Impact
Successful exploitation results in a heap buffer overflow, potentially leading to a denial of service (crash) or, in worst-case scenarios, arbitrary code execution depending on heap layout and memory protections. The vulnerability is classified as a DOS / potential heap overwrite [1].
Mitigation
The issue was addressed in GStreamer project's repository (issue #1225). Users should update to a patched version of GStreamer that includes the fix. As a workaround, avoid using the matroskaparse element with untrusted mkv files until the patch is applied. No CVE mentions listing on CISA's Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
28- matroskaparse/matroskaparsedescription
- osv-coords26 versionspkg:rpm/almalinux/gstreamer1-plugins-goodpkg:rpm/almalinux/gstreamer1-plugins-good-gtkpkg:rpm/opensuse/gstreamer-plugins-good&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/gstreamer-plugins-good&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/gstreamer-0_10-plugins-good&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 1.18.4-6.el9+ 25 more
- (no CPE)range: < 1.18.4-6.el9
- (no CPE)range: < 1.18.4-6.el9
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 0.10.31-17.7.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.20.1-150400.3.3.1
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.12.5-150000.3.7.2
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.12.5-150000.3.7.2
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.16.3-150200.3.9.1
- (no CPE)range: < 1.8.3-16.6.2
- (no CPE)range: < 1.8.3-16.6.2
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
3- www.debian.org/security/2022/dsa-5204mitrevendor-advisoryx_refsource_DEBIAN
- gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2022/08/msg00001.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.