Issued:
2025-10-21
Updated:
2025-10-21

RHSA-2025:18416 - Moderate: Automotive bug fix and enhancement update

Synopsis

Moderate: Automotive bug fix and enhancement update

Type/Severity

Security Advisory Moderate

Topic

An update for gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server is now available for Red Hat In-Vehicle-OS version 1.0.0.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data.

Security Fix(es):

  • gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)

  • gstreamer: AV1 Video Parsing Stack-based Buffer Overflow (CVE-2024-0444)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat In-Vehicle-OS version 1.0.0 Release Notes linked from the References section.

Solution

To update your implementation of Red Hat In-Vehicle Operating System,contact Red Hat Support: https://access.redhat.com/support.

Affected Products

ProductVersionArch
Red Hat In-Vehicle Operating System Core1x86_64
Red Hat In-Vehicle Operating System Core1aarch64

Updated Packages

  • gstreamer1-devel-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-bad-free-libs-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-libs-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-ugly-free-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-ugly-free-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-ugly-free-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-ugly-free-debugsource-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-rtsp-server-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-rtsp-server-1.22.12-3.el9.src.rpm
  • gstreamer1-plugins-ugly-free-debugsource-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-devel-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-devel-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-rtsp-server-devel-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-bad-free-debugsource-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-debugsource-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-ugly-free-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-rtsp-server-debugsource-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-ugly-free-1.22.12-3.el9.src.rpm
  • gstreamer1-plugins-bad-free-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-rtsp-server-devel-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-rtsp-server-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-rtsp-server-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-rtsp-server-debugsource-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-devel-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-bad-free-1.22.12-3.el9.src.rpm
  • gstreamer1-plugins-bad-free-libs-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-debuginfo-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-plugins-bad-free-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-1.22.12-3.el9.src.rpm
  • gstreamer1-rtsp-server-debuginfo-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-plugins-bad-free-libs-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-1.22.12-3.el9.x86_64.rpm
  • gstreamer1-debugsource-1.22.12-3.el9.aarch64.rpm
  • gstreamer1-debugsource-1.22.12-3.el9.x86_64.rpm

Fixes

CVEs

References

Additional information