A critical heap-based buffer overflow in GStreamer allows unauthenticated attackers to execute arbitrary code remotely by exploiting the rtpqdm2depay media processing module.

This vulnerability is a heap-based buffer overflow within the rtpqdm2depay depayloader. An unauthenticated attacker can trigger the overflow by providing a malicious RTP stream, leading to memory corruption and subsequent remote code execution.

With a CVSS score of 8.8, this vulnerability poses a severe threat to system availability and data confidentiality. Exploitation could result in a complete system takeover, allowing attackers to bypass security boundaries and access sensitive internal resources.

Immediate Action: Update GStreamer to the latest available version to patch the heap-based buffer overflow in the rtpqdm2depay component.

Proactive Monitoring: Implement memory-integrity monitoring and review system logs for segmentation faults or application crashes related to GStreamer processes.

Compensating Controls: Deploy a Web Application Firewall (WAF) or specialized protocol filter to inspect and validate RTP traffic before it reaches the GStreamer processing engine.

Public Exploit Available: false

The 8.8 CVSS score indicates a critical priority. Organizations must ensure all systems utilizing GStreamer for RTP stream processing are updated immediately to prevent potential remote exploitation.