These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2016-9813 is a denial-of-service issue in GStreamer’s mpegts parser. According to NVD, the _parse_pat function in GStreamer before 1.10.2 can be crashed by a crafted file, leading to a NULL pointer dereference. The impact is availability-only, and the published CVSS 3.0 vector reflects local execution with required user interaction.
CVE-2016-9812 is a high-severity GStreamer bug in the MPEG-TS decoder. A too-small section can trigger an out-of-bounds read in gst_mpegts_section_new, which NVD characterizes as a remote denial-of-service condition. NVD scopes the affected range to GStreamer versions through 1.10.1, and the upstream release notes point to 1.10.2 as the fix point.
CVE-2016-9810 is a denial-of-service vulnerability in GStreamer’s flxdex decoder. An invalid file can trigger an incorrect unref call in gst_decode_chain_free_internal, leading to an invalid memory read and crash. The affected range in NVD is GStreamer versions up to and including 1.10.1, with the vendor release notes indicating the fix in 1.10.2.
CVE-2016-9809 is an out-of-bounds read issue in GStreamer’s H.264 caps parsing logic. According to NVD, versions of GStreamer through 1.10.1 are affected, and the fix was released in 1.10.2. The vulnerability is associated with a high CVSS score (7.8) and should be treated as a priority for any environment that processes untrusted media content.
CVE-2016-9808 is a remote denial-of-service vulnerability in GStreamer’s FLIC decoder. According to the CVE description and NVD record, crafted skip/count pairs can trigger an out-of-bounds write and crash the process. The affected version range in the NVD CPE data is GStreamer through 1.10.1, with 1.10.2 listed in the vendor release notes as the fixed release.
CVE-2016-9807 is a denial-of-service issue in GStreamer's FLIC decoder. A crafted FLIC file can cause an invalid memory read and crash in flx_decode_chunks (gst/flx/gstflxdec.c) in versions before 1.10.2.