CVE-2026-53701: Out-of-bounds Write in Red Hat Red Hat Enterprise Linux 10
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partition() (gsth266parser.c), the loop iterates without checking that the slice index stays within bounds, writing past three fixed-size arrays (slice_height_in_ctus, slice_top_left_ctu_x, slice_top_left_ctu_y) in the GstH266PPS structure. While the initial proof-of-concept demonstrated a 4-byte out-of-bounds write, the code permits larger writes across multiple iterations. A crafted H.266/VVC media file can trigger this vulnerability.
AI Analysis
Technical Summary
CVE-2026-53701 is an out-of-bounds write vulnerability in the gst_h266_parser_parse_picture_partition() function of GStreamer's H.266/VVC PPS picture partition parser within gst-plugins-bad. The vulnerability arises because the loop that processes multiple slices in a tile does not verify that the slice index remains within the bounds of three fixed-size arrays (slice_height_in_ctus, slice_top_left_ctu_x, slice_top_left_ctu_y) in the GstH266PPS structure. This allows writing past the allocated array boundaries. The initial proof-of-concept demonstrated a 4-byte out-of-bounds write, but the code logic permits larger writes across multiple iterations. A maliciously crafted H.266/VVC media file can exploit this flaw to cause an out-of-bounds write.
Potential Impact
The vulnerability can cause an out-of-bounds write leading to potential denial of service or other undefined behavior affecting application stability. The CVSS vector indicates the attack requires network access with low complexity, no privileges, and user interaction. The impact is limited to availability (A:H) with no confidentiality or integrity impact reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-53701 for current remediation guidance. No official fix or workaround is explicitly stated in the provided advisory content. Users should monitor the vendor advisory for updates and apply any released patches promptly.
CVE-2026-53701: Out-of-bounds Write in Red Hat Red Hat Enterprise Linux 10
Description
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partition() (gsth266parser.c), the loop iterates without checking that the slice index stays within bounds, writing past three fixed-size arrays (slice_height_in_ctus, slice_top_left_ctu_x, slice_top_left_ctu_y) in the GstH266PPS structure. While the initial proof-of-concept demonstrated a 4-byte out-of-bounds write, the code permits larger writes across multiple iterations. A crafted H.266/VVC media file can trigger this vulnerability.
CVSS v3.1
Score 6.5medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-53701 is an out-of-bounds write vulnerability in the gst_h266_parser_parse_picture_partition() function of GStreamer's H.266/VVC PPS picture partition parser within gst-plugins-bad. The vulnerability arises because the loop that processes multiple slices in a tile does not verify that the slice index remains within the bounds of three fixed-size arrays (slice_height_in_ctus, slice_top_left_ctu_x, slice_top_left_ctu_y) in the GstH266PPS structure. This allows writing past the allocated array boundaries. The initial proof-of-concept demonstrated a 4-byte out-of-bounds write, but the code logic permits larger writes across multiple iterations. A maliciously crafted H.266/VVC media file can exploit this flaw to cause an out-of-bounds write.
Potential Impact
The vulnerability can cause an out-of-bounds write leading to potential denial of service or other undefined behavior affecting application stability. The CVSS vector indicates the attack requires network access with low complexity, no privileges, and user interaction. The impact is limited to availability (A:H) with no confidentiality or integrity impact reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-53701 for current remediation guidance. No official fix or workaround is explicitly stated in the provided advisory content. Users should monitor the vendor advisory for updates and apply any released patches promptly.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-10T15:40:26.501Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-53701","vendor":"Red Hat"}]
Threat ID: 6a2b05db815e7002b81eca04
Added to database: 6/11/2026, 7:00:43 PM
Last enriched: 6/11/2026, 7:15:46 PM
Last updated: 6/11/2026, 8:19:14 PM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.