CVE-2026-53703
Publication date 15 June 2026
Last updated 26 June 2026
Ubuntu priority
Description
A vulnerability was found in the GStreamer RealMedia demuxer (gst-plugins-ugly). When processing a RealMedia (.rm) file, the demuxer parses MDPR (media properties) chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sample rate, channel count, and extra codec data length from fixed offsets within the chunk without first checking that the chunk contains enough data. If a malicious file provides an MDPR chunk that is too small to contain a complete audio stream header, the parser reads beyond the end of the buffer. This can cause the application to crash. In some cases, bytes read past the buffer boundary may be incorporated into stream metadata, which could result in limited information disclosure.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| gst-plugins-ugly1.0 | 26.04 LTS resolute |
Needs evaluation
|
| 25.10 questing |
Needs evaluation
|
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
Severity score breakdown
CVSS version: CVSS v3.0
Base score
7.1 · High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2026-53703
- https://gstreamer.freedesktop.org/security/sa-2026-0042.html
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11825
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11826 (1.28.4)
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11831 (1.26 branch)
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11832 (1.24 branch)