Multiple critical vulnerabilities in GStreamer, including heap-based buffer overflows and an integer overflow, allow remote code execution via crafted media files (JPEG, AVI) or RTP streams. The CVSS scores range from 7.8 to 8.8. The NVD data indicates GStreamer versions prior to 1.28.1 are affected, and the fixed version is 1.28.1.
Red Hat Product Errata RHSA-2026:9487 - Security Advisory Issued: 2026-04-21 Updated: 2026-04-21 RHSA-2026:9487 - Security Advisory Overview Updated Packages Synopsis Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for multiple packages is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser (CVE-2026-3082) GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay (CVE-2026-3085) GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling (CVE-2026-2921) GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay (CVE-2026-3083) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 8.2 x86_64 Fixes BZ - 2447492 - CVE-2026-3082 GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser BZ - 2447495 - CVE-2026-3085 GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay BZ - 2447496 - CVE-2026-2921 GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling BZ - 2447498 - CVE-2026-3083 GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay CVEs CVE-2026-2921 CVE-2026-3082 CVE-2026-3083 CVE-2026-3085 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 8.2 SRPM gstreamer1-plugins-bad-free-1.16.1-4.el8_2.src.rpm SHA-256: 288f355aa42634884195a92e8f3ae7ee2ce1b3bef3395f45931af4dabdb2bd50 gstreamer1-plugins-base-1.16.1-3.el8_2.src.rpm SHA-256: ab95744bfb7f3c54938800b8ea503aff105cebbf03aae563c847fb8253f3060d gstreamer1-plugins-good-1.16.1-3.el8_2.src.rpm SHA-256: 512ab7250629da68afe747976778a4667a3543f78eba20e5e37680a0e7a28167 x86_64 gstreamer1-plugins-bad-free-1.16.1-4.el8_2.i686.rpm SHA-256: 0ad1022909223408fd20f1d42f5e1201f9f6a4ea93f3f11ff5eaba65a6b27581 gstreamer1-plugins-bad-free-1.16.1-4.el8_2.x86_64.rpm SHA-256: a491e38a70077d4dd6865aa1dba993268a45f8ecb2624f2ff8b576958b32c5cf gstreamer1-plugins-bad-free-debuginfo-1.16.1-4.el8_2.i686.rpm SHA-256: e29c494982b961b0b18096968566dcfe0775a219cf20ebed0016cc8b4b00f2a0 gstreamer1-plugins-bad-free-debuginfo-1.16.1-4.el8_2.x86_64.rpm SHA-256: 1650596d59562862d675c082025bb0d36e73ac4b6f8f0053958a9e8c01be0567 gstreamer1-plugins-bad-free-debugsource-1.16.1-4.el8_2.i686.rpm SHA-256: 30a83367795e2b1838328e8d27602847abfaa160ed50fb0c1d3781fc092eebae gstreamer1-plugins-bad-free-debugsource-1.16.1-4.el8_2.x86_64.rpm SHA-256: dddda0654cfd6017309d01a2ccffb2e77fcaa099ae9d0a516837751c3499ddd2 gstreamer1-plugins-base-1.16.1-3.el8_2.i686.rpm SHA-256: 416dc60242efe61c68db4f0983c6e75393f9e83cb93c341fead1a7fedb61b454 gstreamer1-plugins-base-1.16.1-3.el8_2.x86_64.rpm SHA-256: ed53d8a8324bb7ade8c1b889ccabbf397432caa841290ee092b0d172fda8fbfd gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_2.i686.rpm SHA-256: aca518445a448822425ff67f244cb88cf72b760788b0c7501b6344cb0b7a553e gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_2.x86_64.rpm SHA-256: df7c2e576bf13f02d0d6f81bae741a076c26bea1aff62ce7ab5f49988d99b339 gstreamer1-plugins-base-debugsource-1.16.1-3.el8_2.i686.rpm SHA-256: 8bd4410a77d1b0f07232604be438d33e3575b013885fede77cab7070029980c9 gstreamer1-plugins-base-debugsource-1.16.1-3.el8_2.x86_64.rpm SHA-256: 93d7cf894497226ce6441775022d214fa9377519cf72703f3ae7635758d7e260 gstreamer1-plugins-base-devel-1.16.1-3.el8_2.i686.rpm SHA-256: a541b378b2c58c2cae620523edf84c6c14bf23294535e892503c2f976c017106 gstreamer1-plugins-base-devel-1.16.1-3.el8_2.x86_64.rpm SHA-256: 2b9f3525c309081676c131cba730ceab11432d73ffb1257db0fc17c4b6073910 gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_2.i686.rpm SHA-256: 70e45581501a17459a2c0162b642349de37ececd2cace5dce22879710d7fb085 gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_2.x86_64.rpm SHA-256: ebd47d95e25c516ec0bca376bcb682a2b5648116f79df0c55346db67b8fafe57 gstreamer1-plugins-good-1.16.1-3.el8_2.i686.rpm SHA-256: 0c0d8941400117b277bd86fbe8a0c2229d4bfea1b8793394daf4d8b6296dd40b gstreamer1-plugins-good-1.16.1-3.el8_2.x86_64.rpm SHA-256: 28a108230fd363156d5ac6704589f788bc1af349604c3b1accda0d76c8179567 gstreamer1-plugins-good-debuginfo-1.16.1-3.el8_2.i686.rpm SHA-256: 1156861a38ed22c5d93936fcdcab8060e678afe57eaecc3e9790e136b1f1021d gstreamer1-plugins-good-debuginfo-1.16.1-3.el8_2.x86_64.rpm SHA-256: 90e10385ce4e0ddaa71b49f0ce017245825b76d1633c3a8c3cdd46b7fbc7ff1f gstreamer1-plugins-good-debugsource-1.16.1-3.el8_2.i686.rpm SHA-256: b87b659edbffca63b4217fe0473ae810d19b5b53fa8f702488055726a2943a72 gstreamer1-plugins-good-debugsource-1.16.1-3.el8_2.x86_64.rpm SHA-256: 9a2338e8b00362d64857da1fd8256445eaeb3552a4c4f7509ce4c9d73b8aba2c gstreamer1-plugins-good-gtk-1.16.1-3.el8_2.i686.rpm SHA-256: b8c4e771685cf8fb2168cb939a563da17a7526f8972c4f5d127b276b0a3278f5 gstreamer1-plugins-good-gtk-1.16.1-3.el8_2.x86_64.rpm SHA-256: bbbbdd48c1f74fc108e28f9c5634c24346b615b09172578b606c4e920feadb72 gstreamer1-plugins-good-gtk-debuginfo-1.16.1-3.el8_2.i686.rpm SHA-256: ac0b064d2489413fce83f76e6a6868138c574ca0cfd3dd13d6a780487def91d5 gstreamer1-plugins-good-gtk-debuginfo-1.16.1-3.el8_2.x86_64.rpm SHA-256: f1a8fe0811b544f2c1e9ac771dc6a4e2f11b72c9151a8584726d26f04a4d4e74 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .