CVE-2026-12892
Received - Intake
Heap Out-of-Bounds Read in GStreamer gst-plugins-bad

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: Red Hat, Inc.

Description
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary information without first verifying that the NAL unit contains enough data beyond the extension header. An attacker could exploit this by tricking a user into opening a malicious H.264 video file, potentially causing the application to crash or leak a single byte of heap memory.
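The missing length check described above, as an added C example; it is not GStreamer's code and not the upstream fix. It assumes the slice boundary check is a peek at the first payload byte (the `first_mb_in_slice == 0` test); the function name, return convention and sample bytes are constructed for illustration, while the 3-byte extension header for `nal_unit_type` 14 and 20 follows the H.264 specification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* nal_unit_type values from the H.264 spec that carry a 3-byte extension header. */
enum { NAL_PREFIX_UNIT = 14, NAL_SLICE_EXT = 20 };

/* Header length: 1 byte, plus 3 extension bytes for SVC/MVC NAL units. */
static size_t nal_header_bytes(uint8_t nal_unit_type)
{
    return (nal_unit_type == NAL_PREFIX_UNIT ||
            nal_unit_type == NAL_SLICE_EXT) ? 4 : 1;
}

/* Hypothetical helper (not a GStreamer function); callers pass slice NAL units.
 * Returns 1 if the slice starts a picture (first_mb_in_slice == 0, which
 * ue(v) codes as a leading '1' bit), 0 if it does not, and -1 if the NAL
 * unit has no byte beyond its header. */
int slice_starts_picture(const uint8_t *nal, size_t size)
{
    if (nal == NULL || size == 0)
        return -1;
    size_t hdr = nal_header_bytes(nal[0] & 0x1f);
    /* Bounds check before the peek: without it, a NAL unit that ends right
     * after the extension header makes nal[hdr] a 1-byte read past the end. */
    if (size <= hdr)
        return -1;
    return (nal[hdr] & 0x80) ? 1 : 0;
}

/* Constructed sample NAL units (start codes stripped), not from a real file. */
static const uint8_t SAMPLE_EXT_TRUNCATED[] = { 0x74, 0x80, 0x00, 0x00 };       /* type 20, header only */
static const uint8_t SAMPLE_EXT_FIRST[]     = { 0x74, 0x80, 0x00, 0x00, 0x88 }; /* type 20, first_mb == 0 */
static const uint8_t SAMPLE_EXT_LATER[]     = { 0x74, 0x80, 0x00, 0x00, 0x40 }; /* type 20, first_mb != 0 */
static const uint8_t SAMPLE_IDR_FIRST[]     = { 0x65, 0x88 };                   /* type 5, 1-byte header */

int main(void)
{
    printf("truncated ext: %d\n", slice_starts_picture(SAMPLE_EXT_TRUNCATED, sizeof SAMPLE_EXT_TRUNCATED));
    printf("ext, first:    %d\n", slice_starts_picture(SAMPLE_EXT_FIRST, sizeof SAMPLE_EXT_FIRST));
    printf("ext, later:    %d\n", slice_starts_picture(SAMPLE_EXT_LATER, sizeof SAMPLE_EXT_LATER));
    printf("idr, first:    %d\n", slice_starts_picture(SAMPLE_IDR_FIRST, sizeof SAMPLE_IDR_FIRST));
    return 0;
}
```

The truncated sample is exactly as long as its extension header, so the guarded function returns -1 instead of reading the byte that follows the buffer.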
Meta Information
Published: 2026-06-23
Last Modified: 2026-06-23
Generated: 2026-06-24
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor: gstreamer
Product: gst-plugins-bad
Version / Range: *
CWE-125: The product reads data past the end, or before the beginning, of the intended buffer.
Compliance Impact

The vulnerability in GStreamer's gst-plugins-bad package involves a 1-byte heap out-of-bounds read that could potentially leak a single byte of heap memory when processing a specially crafted H.264 video file.

However, there is no specific information provided about how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is a flaw in GStreamer's gst-plugins-bad package related to processing H.264 video files. Specifically, when the software processes a specially crafted H.264 video containing malformed MVC or SVC extension slice NAL units, it can perform a 1-byte heap out-of-bounds read during parsing.

The issue arises because the parser tries to check slice boundary information without first verifying that the NAL unit has enough data beyond the extension header. This can be exploited by an attacker who tricks a user into opening a malicious H.264 video file.

The potential result of this exploitation is that the application may crash or leak a single byte of heap memory.

Impact Analysis

If exploited, this vulnerability can cause the affected application to crash, leading to denial of service.

Additionally, it may leak a single byte of heap memory, which could potentially be used in further attacks, although the impact is limited given the small amount of leaked data.

The attack requires a user to open a specially crafted malicious H.264 video file, so user interaction is necessary.
