CVE-2026-1765
Received Received - Intake
Heap Buffer Overflow in GNOME Tracker MP3 Parser

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: Fedora Project

Description
A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denial of Service (DoS) where the application crashes. It may also potentially expose sensitive information from the system's memory.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-06-16
EPSS Evaluated
N/A
NVD
CVE-2026-1765
EUVD
EUVD-2026-37026
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gnome tracker_extract_mp3 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1765 is a vulnerability in the GNOME localsearch MP3 Extractor component of tracker-miners. It is caused by a heap buffer overflow in the extract_txxx_tags function when processing User Defined Text Information Frames (TXXX) in specially crafted MP3 files.

The issue occurs because the code calculates an offset based on the description string length without verifying if this offset exceeds the total frame size, leading to out-of-bounds memory access.

This flaw can cause the application to crash (denial of service) or potentially expose sensitive information from the system's memory.

Impact Analysis

An attacker can exploit this vulnerability by providing a malicious MP3 file to the vulnerable GNOME localsearch component.

The impact includes causing the application to crash, resulting in a denial of service (DoS).

Additionally, there is a potential risk that sensitive information from the system's memory could be exposed if the vulnerability is triggered.

Detection Guidance

This vulnerability can be detected by testing the GNOME localsearch MP3 Extractor component with specially crafted MP3 files that exploit the heap buffer overflow in the extract_txxx_tags function. A proof-of-concept MP3 file exists that can reproduce the crash caused by this vulnerability.

To detect the vulnerability on your system, you can attempt to process the provided proof-of-concept MP3 file with the tracker-extract-mp3 component and observe if the application crashes or behaves unexpectedly.

Specific commands are not provided in the resources, but a general approach would be to run the tracker-extract-mp3 tool or the GNOME localsearch service with the malicious MP3 file and monitor for segmentation faults or crashes.

Mitigation Strategies

Immediate mitigation steps include avoiding processing untrusted or specially crafted MP3 files with the tracker-extract-mp3 component until a patch or update is applied.

Applying any available security updates or patches from your distribution or GNOME project that address this heap buffer overflow vulnerability is recommended.

Additionally, restricting user privileges and limiting the exposure of the vulnerable component to untrusted input can reduce the risk of exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1765. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart