Heap Overflow Vulnerability in Matroska Parsing

Heap Overflow Vulnerability in Matroska Parsing

CVE-2022-1925 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks.

Learn more about our Web Application Penetration Testing UK.