CVE-2026-1767
Received Received - Intake
Heap Buffer Overflow in GNOME Localsearch MP3 Extractor

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: Fedora Project

Description
A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length calculation during the parsing of performer tags can lead to a read beyond the allocated buffer, potentially causing a Denial of Service (DoS) due to a crash or enabling information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-06-16
EPSS Evaluated
N/A
NVD
CVE-2026-1767
EUVD
EUVD-2026-37028
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gnome tracker-miners *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-805 The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1767 is a heap buffer overflow vulnerability found in the GNOME localsearch MP3 Extractor component, specifically in the tracker-miners package. It occurs when the extractor processes specially crafted MP3 files containing malformed ID3 tags. The flaw arises from an incorrect length calculation during the parsing of performer tags, which causes the extractor to read beyond the allocated buffer.

This out-of-bounds read can lead to a crash of the process (Denial of Service) or potentially allow an attacker to disclose information from the heap memory.

Impact Analysis

This vulnerability can impact you by causing the GNOME localsearch MP3 Extractor process to crash, resulting in a Denial of Service (DoS).

Additionally, it may allow an attacker to disclose sensitive information from the heap memory due to the out-of-bounds read caused by the malformed MP3 file.

Detection Guidance

This vulnerability can be detected by testing the GNOME localsearch MP3 Extractor component with specially crafted MP3 files containing malformed ID3 tags. Using debugging tools like AddressSanitizer can help identify heap buffer overflow issues during testing.

A proof-of-concept MP3 file exists that triggers the vulnerability, which can be used to reproduce the issue and confirm its presence.

While no specific commands are provided, running the tracker-extract-mp3 component under AddressSanitizer or similar memory error detection tools when processing suspicious MP3 files can help detect the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1767. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart