A flaw was found in the GStreamer gst-libav plugin. A NULL pointer dereference in the demuxer error handler can be triggered when processing malformed media files, such as crafted Musepack (.mpc) files. When a user or application opens such a file using GStreamer, the application crashes, resulting in a denial of service.
History

Wed, 01 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in the GStreamer gst-libav plugin. A NULL pointer dereference in the demuxer error handler can be triggered when processing malformed media files, such as crafted Musepack (.mpc) files. When a user or application opens such a file using GStreamer, the application crashes, resulting in a denial of service.
Title gstreamer1-libav: gstreamer1-libav: NULL pointer dereference in gstavdemux.c error handler
Weaknesses CWE-476
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


cve-icon MITRE

No data.

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-12T00:00:00Z

Links: CVE-2026-12893 - Bugzilla

cve-icon OpenCVE Enrichment

No data.