[ALSA-2026:36749] Important: gstreamer1-plugins-bad-free security update
Type:
security
Severity:
important
Release date:
2026-07-09
Description:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion (CVE-2026-52718) * gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder (CVE-2026-52719) * gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720) * gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 gstreamer1-plugins-bad-free-libs-1.26.7-2.el10_2.4.aarch64.rpm 26786c882244af7b66132986f16533deeff663be69e154ae9aa10cd3bae17c6b
aarch64 gstreamer1-plugins-bad-free-1.26.7-2.el10_2.4.aarch64.rpm 2f3befa1f34bca5c3a5c122a297803fffa9ffa3bc624e469528b5356f1a7d2e3
aarch64 gstreamer1-plugins-bad-free-devel-1.26.7-2.el10_2.4.aarch64.rpm faa75663e2e55f3134ccaa6d6d22266c2b23d46bd1c0756fa3588cbb8ad67f93
ppc64le gstreamer1-plugins-bad-free-devel-1.26.7-2.el10_2.4.ppc64le.rpm 09e5255a6440e9a72799e17d262df5683eeabaab429c18431700aa8ab06b341d
ppc64le gstreamer1-plugins-bad-free-libs-1.26.7-2.el10_2.4.ppc64le.rpm 867becd8f680429c44b91e3f433baa9d90f1208326e2f6afb7c7bd8ca3c61f24
ppc64le gstreamer1-plugins-bad-free-1.26.7-2.el10_2.4.ppc64le.rpm 926ad8156b9191a7838e47f16ac22a309b2e995a10596bad178e6f3419e50a81
s390x gstreamer1-plugins-bad-free-devel-1.26.7-2.el10_2.4.s390x.rpm 8baaceea640f558bf5b0c7c9b671f461450705b673b5e89e4560d0d4df451a6a
s390x gstreamer1-plugins-bad-free-1.26.7-2.el10_2.4.s390x.rpm c33c0daf36d91e26ee1ec8999befd88f912cfa1925eef5cf710ec41bbf9b8522
s390x gstreamer1-plugins-bad-free-libs-1.26.7-2.el10_2.4.s390x.rpm cab86c5813cdae230019f691c61cf19a0bd7d5204d92660e30ee03f0eb2da1d5
x86_64 gstreamer1-plugins-bad-free-devel-1.26.7-2.el10_2.4.x86_64.rpm 137e98ec718ba522d827133e20dcf859810f36a0e8641e061ab60581c1859882
x86_64 gstreamer1-plugins-bad-free-1.26.7-2.el10_2.4.x86_64.rpm 142f17b32e7117a2779ce4837c0ff969a7bb863b829406fee81f8a8093297fd7
x86_64 gstreamer1-plugins-bad-free-libs-1.26.7-2.el10_2.4.x86_64.rpm 2e946d04bc8afa69d42a858ee7274ab38d83abb4222adc99544e493d5dbe7ac2
x86_64_v2 gstreamer1-plugins-bad-free-1.26.7-2.el10_2.4.x86_64_v2.rpm 0487b1962425322691569d9e0b3053aa0cc0ab81fc5b9ac6281d142d973b2e49
x86_64_v2 gstreamer1-plugins-bad-free-devel-1.26.7-2.el10_2.4.x86_64_v2.rpm 2fdcdff14fa4a9016b0e30440bccaf321f21dceef3531171846e676be639b47c
x86_64_v2 gstreamer1-plugins-bad-free-libs-1.26.7-2.el10_2.4.x86_64_v2.rpm c0f6906438421e1607d54faa1d6909c86f19a15514e67b5d7ada1e85c2e6c39c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.