GStreamer
open source multimedia framework

Security Advisory 2026-0028

Summary: Use-after-free in GStreamer core buffer value deserialization
Date: 2026-05-11
Affected Versions: GStreamer core < 1.28.3
IDs: GStreamer-SA-2026-0028

Details

Use-after-free in the GStreamer core library when deserializing GstBuffer values. During buffer deserialization, error handling paths did not correctly order buffer unmapping and unreferencing operations. Specifically, on character validation failure the buffer was unreferenced before being unmapped, resulting in a use-after-free when gst_buffer_unmap() accessed the already-freed buffer.
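
The cleanup ordering described above, modelled in a self-contained C example added here; it is not GStreamer's code or the project's patch. ToyBuf, toy_unref, toy_unmap and deserialize_hex are hypothetical stand-ins, hex-pair input is an assumed encoding, and the model defers the final free so that a late unmap is counted instead of touching freed memory.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-in for a refcounted, mappable buffer (not GstBuffer). */
typedef struct { unsigned char *data; size_t len; int refs; int mapped; } ToyBuf;
static int order_violations;  /* unmap calls that arrived after the last unref */

static ToyBuf *toy_new(size_t len) {
    ToyBuf *b = calloc(1, sizeof *b);
    b->data = calloc(len ? len : 1, 1);
    b->len = len; b->refs = 1;
    return b;
}
static void toy_unref(ToyBuf *b) {
    /* A real library frees at refcount 0; the model defers while mapped. */
    if (--b->refs > 0 || b->mapped) return;
    free(b->data); free(b);
}
static void toy_unmap(ToyBuf *b) {
    b->mapped = 0;
    if (b->refs == 0) {       /* in real code this access hits freed memory */
        order_violations++;
        free(b->data); free(b);
    }
}

/* Decodes hex pairs; returns NULL on invalid input.
 * patched_order=0 models the pre-fix error path, 1 the corrected one. */
static ToyBuf *deserialize_hex(const char *s, int patched_order) {
    size_t n = strlen(s);
    if (n % 2) return NULL;
    ToyBuf *b = toy_new(n / 2);
    b->mapped = 1;            /* buffer is mapped while it is being filled */
    for (size_t i = 0; i < n; i += 2) {
        if (!isxdigit((unsigned char)s[i]) || !isxdigit((unsigned char)s[i + 1])) {
            if (patched_order) { toy_unmap(b); toy_unref(b); }  /* unmap, then unref */
            else               { toy_unref(b); toy_unmap(b); }  /* unref, then unmap */
            return NULL;
        }
        char pair[3] = { s[i], s[i + 1], 0 };
        b->data[i / 2] = (unsigned char)strtoul(pair, NULL, 16);
    }
    toy_unmap(b);
    return b;
}
int main(void) {
    deserialize_hex("00zz", 0);  /* constructed invalid input, pre-fix order */
    printf("late unmaps: %d\n", order_violations);
    return 0;
}
```

The same check is useful when reviewing any error path that holds both a mapping and a reference: every exit must release the mapping before dropping the last reference.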

Impact

A malicious third party could trigger a use-after-free by providing crafted data containing serialized buffer values with invalid content, potentially resulting in a crash, data corruption, or arbitrary code execution.

Solution

The GStreamer core 1.28.3 release addresses the issue. People using older versions of GStreamer should apply the patch and recompile.

References

The GStreamer project

CVE Database Entries

  • No CVE number assigned or pending

GStreamer Core 1.28.3 release

Patches

