CVE-2022-1923
- Source
- https://cve.org/CVERecord?id=CVE-2022-1923
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1923.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-1923
- Downstream
- Related
- Published
- 2022-07-19T19:13:29Z
- Modified
- 2026-05-18T05:53:28.194513295Z
- Summary
- [none]
- Details
-
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1923.json", "cwe_ids": [ "CWE-122" ], "cna_assigner": "redhat" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1923.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-1923
- https://www.debian.org/security/2022/dsa-5204
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html
Affected packages
Git / github.com/gstreamer/gstreamer
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gstreamer/gstreamer
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "source": "CPE_FIELD", "cpe": "cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "0" }, { "fixed": "1.20.3" } ] }
Affected versions
1.*
1.0.0
1.0.1
1.0.2
1.1.1
1.1.2
1.1.3
1.1.4
1.1.90
1.10.0
1.11.0
1.11.1
1.11.2
1.11.90
1.11.91
1.12.0
1.13.1
1.13.90
1.13.91
1.14.0
1.15.1
1.15.2
1.15.90
1.16.0
1.17.1
1.17.2
1.17.90
1.18.0
1.19.1
1.19.2
1.19.3
1.19.90
1.2.0
1.20.0
1.20.1
1.20.2
1.3.1
1.3.2
1.3.3
1.3.90
1.3.91
1.4.0
1.5.1
1.5.2
1.5.90
1.5.91
1.6.0
1.7.1
1.7.2
1.7.90
1.7.91
1.8.0
1.9.1
1.9.2
1.9.90
Other
BEFORE_INDENT
BRANCH-AUTOPLUG2-ROOT
BRANCH-BUILD1-200112061-ROOT
BRANCH-BUILD1-200112101-ROOT
BRANCH-BUILD1-20011216-FREEZE
BRANCH-BUILD1-ROOT
BRANCH-CAPSNEGO1-ROOT
BRANCH-ERROR-ROOT
BRANCH-EVENTS1-200110161-ROOT
BRANCH-EVENTS1-ROOT
BRANCH-EVENTS2-ROOT
BRANCH-GOBJECT1-200106241-ROOT
BRANCH-GOBJECT1-ROOT
BRANCH-GSTREAMER-0_6-ROOT
BRANCH-GSTREAMER-0_8-ROOT
BRANCH-INCSCHED1-200104161-ROOT
BRANCH-INCSCHED1-200104251-ROOT
BRANCH-INCSCHED1-200105231-ROOT
BRANCH-INCSCHED1-200105251-ROOT
BRANCH-INCSCHED1-ROOT
BRANCH-PLUGINVER1-20010422-ROOT
BRANCH-PLUGINVER1-ROOT
BRANCH-RELEASE-0_3_3-ROOT
BRANCH-RELEASE-0_3_4-ROOT
BRANCH-RELEASE-0_4_0-ROOT
BRANCH-RELEASE-0_4_1-ROOT
BRANCH-RELEASE-0_4_2-ROOT
BRANCH-RELEASE-0_5_0-ROOT
BRANCH-RELEASE-0_5_1-ROOT
BRANCH-RELEASE-0_5_2-ROOT
BRANCH-RELEASE-0_7_2-ROOT
BRANCH-RELEASE-0_7_4-ROOT
BRANCH-RELEASE-0_7_5-ROOT
CAPS-MERGE-1
CAPS-MERGE-2
CAPS-MERGE-3
CAPS-ROOT
CHANGELOG_START
DEBIAN-0_3_1-1
EVENTS1-200110161-FREEZE
GIT_CONVERSION
GOBJECT1-200106241
GOBJECT1-200106241-FREEZE
HEAD-20010306-PRE_AUTOPLUG2
HEAD-20010312-PRE_CAPSNEGO1
INCSCHED1-200105251
INCSCHED1-200105251-FREEZE
MOVE-TO-FDO
OSLOSUMMIT1-200303051
PLUGINVER1-20010422
PLUGINVER1-20010422-FREEZE
RELEASE-0_10_0
RELEASE-0_10_1
RELEASE-0_10_10
RELEASE-0_10_11
RELEASE-0_10_12
RELEASE-0_10_13
RELEASE-0_10_14
RELEASE-0_10_15
RELEASE-0_10_16
RELEASE-0_10_17
RELEASE-0_10_18
RELEASE-0_10_2
RELEASE-0_10_20
RELEASE-0_10_21
RELEASE-0_10_22
RELEASE-0_10_3
RELEASE-0_10_4
RELEASE-0_10_5
RELEASE-0_10_6
RELEASE-0_10_7
RELEASE-0_10_8
RELEASE-0_10_9
RELEASE-0_1_0-SLIPSTREAM
RELEASE-0_1_1-DUCTTAPE
RELEASE-0_2_0-CRITICALMASS
RELEASE-0_2_1-SEDIMASTER
RELEASE-0_2_1-UNKN
RELEASE-0_3_0-EVENTFUL
RELEASE-0_3_1-BELGIANBEER
RELEASE-0_3_2-DOBDAY
RELEASE-0_7_1
RELEASE-0_7_2
RELEASE-0_7_3
RELEASE-0_7_6
RELEASE-0_8_0
RELEASE-0_8_1
RELEASE-0_8_2
RELEASE-0_8_3
RELEASE-0_8_4
RELEASE-0_8_6
RELEASE-0_8_7
RELEASE-0_8_8
RELEASE-0_8_9
RELEASE-0_9_2
RELEASE-0_9_3
RELEASE-0_9_4
RELEASE-0_9_5
RELEASE-0_9_6
RELEASE-0_9_7
TYPEFIND-ROOT
monorepo-start
start
RELEASE-0.*
RELEASE-0.10.23
RELEASE-0.10.24
RELEASE-0.10.25
RELEASE-0.10.26
RELEASE-0.10.27
RELEASE-0.10.28
RELEASE-0.10.29
RELEASE-0.10.30
RELEASE-0.10.31
RELEASE-0.11.0
RELEASE-0.11.1
RELEASE-0.11.2
RELEASE-0.11.90
RELEASE-0.11.91
RELEASE-0.11.92
RELEASE-0.11.93
RELEASE-0.11.94
RELEASE-0.11.99
Git / gitlab.freedesktop.org/gstreamer/gstreamer
Affected versions
1.*
1.0.0
1.0.1
1.0.2
1.1.1
1.1.2
1.1.3
1.1.4
1.1.90
1.10.0
1.11.0
1.11.1
1.11.2
1.11.90
1.11.91
1.12.0
1.13.1
1.13.90
1.13.91
1.14.0
1.15.1
1.15.2
1.15.90
1.16.0
1.17.1
1.17.2
1.17.90
1.18.0
1.19.1
1.19.2
1.19.3
1.19.90
1.2.0
1.20.0
1.20.1
1.20.2
1.20.3
1.3.1
1.3.2
1.3.3
1.3.90
1.3.91
1.4.0
1.5.1
1.5.2
1.5.90
1.5.91
1.6.0
1.7.1
1.7.2
1.7.90
1.7.91
1.8.0
1.9.1
1.9.2
1.9.90
Other
BEFORE_INDENT
BRANCH-AUTOPLUG2-ROOT
BRANCH-BUILD1-200112061-ROOT
BRANCH-BUILD1-200112101-ROOT
BRANCH-BUILD1-20011216-FREEZE
BRANCH-BUILD1-ROOT
BRANCH-CAPSNEGO1-ROOT
BRANCH-ERROR-ROOT
BRANCH-EVENTS1-200110161-ROOT
BRANCH-EVENTS1-ROOT
BRANCH-EVENTS2-ROOT
BRANCH-GOBJECT1-200106241-ROOT
BRANCH-GOBJECT1-ROOT
BRANCH-GSTREAMER-0_6-ROOT
BRANCH-GSTREAMER-0_8-ROOT
BRANCH-INCSCHED1-200104161-ROOT
BRANCH-INCSCHED1-200104251-ROOT
BRANCH-INCSCHED1-200105231-ROOT
BRANCH-INCSCHED1-200105251-ROOT
BRANCH-INCSCHED1-ROOT
BRANCH-PLUGINVER1-20010422-ROOT
BRANCH-PLUGINVER1-ROOT
BRANCH-RELEASE-0_3_3-ROOT
BRANCH-RELEASE-0_3_4-ROOT
BRANCH-RELEASE-0_4_0-ROOT
BRANCH-RELEASE-0_4_1-ROOT
BRANCH-RELEASE-0_4_2-ROOT
BRANCH-RELEASE-0_5_0-ROOT
BRANCH-RELEASE-0_5_1-ROOT
BRANCH-RELEASE-0_5_2-ROOT
BRANCH-RELEASE-0_7_2-ROOT
BRANCH-RELEASE-0_7_4-ROOT
BRANCH-RELEASE-0_7_5-ROOT
CAPS-MERGE-1
CAPS-MERGE-2
CAPS-MERGE-3
CAPS-ROOT
CHANGELOG_START
DEBIAN-0_3_1-1
EVENTS1-200110161-FREEZE
GIT_CONVERSION
GOBJECT1-200106241
GOBJECT1-200106241-FREEZE
HEAD-20010306-PRE_AUTOPLUG2
HEAD-20010312-PRE_CAPSNEGO1
INCSCHED1-200105251
INCSCHED1-200105251-FREEZE
MOVE-TO-FDO
OSLOSUMMIT1-200303051
PLUGINVER1-20010422
PLUGINVER1-20010422-FREEZE
RELEASE-0_10_0
RELEASE-0_10_1
RELEASE-0_10_10
RELEASE-0_10_11
RELEASE-0_10_12
RELEASE-0_10_13
RELEASE-0_10_14
RELEASE-0_10_15
RELEASE-0_10_16
RELEASE-0_10_17
RELEASE-0_10_18
RELEASE-0_10_2
RELEASE-0_10_20
RELEASE-0_10_21
RELEASE-0_10_22
RELEASE-0_10_3
RELEASE-0_10_4
RELEASE-0_10_5
RELEASE-0_10_6
RELEASE-0_10_7
RELEASE-0_10_8
RELEASE-0_10_9
RELEASE-0_1_0-SLIPSTREAM
RELEASE-0_1_1-DUCTTAPE
RELEASE-0_2_0-CRITICALMASS
RELEASE-0_2_1-SEDIMASTER
RELEASE-0_2_1-UNKN
RELEASE-0_3_0-EVENTFUL
RELEASE-0_3_1-BELGIANBEER
RELEASE-0_3_2-DOBDAY
RELEASE-0_7_1
RELEASE-0_7_2
RELEASE-0_7_3
RELEASE-0_7_6
RELEASE-0_8_0
RELEASE-0_8_1
RELEASE-0_8_2
RELEASE-0_8_3
RELEASE-0_8_4
RELEASE-0_8_6
RELEASE-0_8_7
RELEASE-0_8_8
RELEASE-0_8_9
RELEASE-0_9_2
RELEASE-0_9_3
RELEASE-0_9_4
RELEASE-0_9_5
RELEASE-0_9_6
RELEASE-0_9_7
TYPEFIND-ROOT
monorepo-start
start
RELEASE-0.*
RELEASE-0.10.23
RELEASE-0.10.24
RELEASE-0.10.25
RELEASE-0.10.26
RELEASE-0.10.27
RELEASE-0.10.28
RELEASE-0.10.29
RELEASE-0.10.30
RELEASE-0.10.31
RELEASE-0.11.0
RELEASE-0.11.1
RELEASE-0.11.2
RELEASE-0.11.90
RELEASE-0.11.91
RELEASE-0.11.92
RELEASE-0.11.93
RELEASE-0.11.94
RELEASE-0.11.99