[ALSA-2026:36834] Important: gstreamer1-plugins-bad-free security update
Type:
security
Severity:
important
Release date:
2026-07-10
Description:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion (CVE-2026-52718) * gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder (CVE-2026-52719) * gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720) * gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.aarch64.rpm 5ebfebf6022666fa53b8c9376f429a8cefb176edcf1018c7f863c322676479d1
aarch64 gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.aarch64.rpm ec03a93b8fe6d828b15e7a3c4c4651aabd1dbd459a84e7396781423c751d24b8
aarch64 gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.aarch64.rpm f5d017e3d68f7778f29ad604686921ad2705186dae13fb11b2a20ff6f131cd36
i686 gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.i686.rpm 79484f8358c193a60952847db9b85a7fa4aec6753b56ca8d1798367c37497479
i686 gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.i686.rpm b803ef36af864c8f1eb741f63d316f58ddd6d34de283c625a3999eae522e323a
i686 gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.i686.rpm d9a9f2ae43b9e9e953576f3a094af4a5e1503e480562be982718c0edcf32fe1c
ppc64le gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.ppc64le.rpm 50617523a45b3d97d265ae67ffd28a00e8d821987d28fdb55fdb9b0bea9f3238
ppc64le gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.ppc64le.rpm 6d56818be25d89b941d2801500d58cafa6bec45c97cbac5aa03fe72bdfbd6cd2
ppc64le gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.ppc64le.rpm c2e7ef0d88390936de9dbefd24ffb11353ba14855d67225eb8ad0ba85f1d978a
s390x gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.s390x.rpm 12d1e60cf55bb3832b048a71dde3c1dfb246d6cb21a523132189134bdbc32942
s390x gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.s390x.rpm b368c6b180d9303b7df361a0501d7cc1ea6b5ead9145ac9dc425f71b90d96a23
s390x gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.s390x.rpm c34b02310f46818062d0cde5d02e12256e6feb2809e56f533b8549770142c2c2
x86_64 gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.x86_64.rpm 3d3ac49f8a2c04c4d407d8b690f58635f102e06b3fa184cda81491c3da0cfc59
x86_64 gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.x86_64.rpm 5e7a519ab317605c3022e70bc474ac53823ea16ab0035202034d0cdb550b01fe
x86_64 gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.x86_64.rpm dd8f00eb5b1ab3c7c35c3186ee0ee1281a5c98637535f1c1861ce6f760ced584
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.