Alpine: multiple gst-plugins-good packages: security update to 1.20.3-r0

high Tenable Self-Hosted Container Security Plugin ID 408035

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in
qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and
OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap
overwrite. (CVE-2022-2122)

- Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a
heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap
overwrite. (CVE-2022-1920)

- Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while
parsing avi files. Potential for arbitrary code execution through heap overwrite. (CVE-2022-1921)

- DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux
element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite,
depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just
a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it
is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of
the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that
does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap
overwrite. (CVE-2022-1922)

- DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux
element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending
on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a
segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is
just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the
chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does
not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap
overwrite. (CVE-2022-1923)

See Also

https://security.alpinelinux.org/vuln/CVE-2022-1920

https://security.alpinelinux.org/vuln/CVE-2022-1921

https://security.alpinelinux.org/vuln/CVE-2022-1922

https://security.alpinelinux.org/vuln/CVE-2022-1923

https://security.alpinelinux.org/vuln/CVE-2022-1924

https://security.alpinelinux.org/vuln/CVE-2022-1925

https://security.alpinelinux.org/vuln/CVE-2022-2122

Plugin Details

Severity: High

ID: 408035

Version: Revision 1.27

Type: Local

Published: 11/17/2023

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.12

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-2122

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/19/2022

Reference Information

CVE: CVE-2022-1920, CVE-2022-1921, CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122