Search for vulnerabilities
Vulnerability details: VCID-aqfr-w1eb-tfd1
Vulnerability ID VCID-aqfr-w1eb-tfd1
Aliases CVE-2025-3887
Summary GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 slice headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26596.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-121 Stack-based Buffer Overflow
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3887.json
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
epss 0.00194 https://api.first.org/data/v1/epss?cve=CVE-2025-3887
cvssv3.1 8.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 8.8 https://www.zerodayinitiative.com/advisories/ZDI-25-267/
ssvc Track https://www.zerodayinitiative.com/advisories/ZDI-25-267/
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3887.json
https://api.first.org/data/v1/epss?cve=CVE-2025-3887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3887
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2025/06/msg00017.html
1106285 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106285
2367919 https://bugzilla.redhat.com/show_bug.cgi?id=2367919
CVE-2025-3887 https://nvd.nist.gov/vuln/detail/CVE-2025-3887
RHSA-2025:8183 https://access.redhat.com/errata/RHSA-2025:8183
RHSA-2025:8184 https://access.redhat.com/errata/RHSA-2025:8184
RHSA-2025:8201 https://access.redhat.com/errata/RHSA-2025:8201
RHSA-2025:8976 https://access.redhat.com/errata/RHSA-2025:8976
RHSA-2025:8977 https://access.redhat.com/errata/RHSA-2025:8977
RHSA-2025:8978 https://access.redhat.com/errata/RHSA-2025:8978
RHSA-2025:8979 https://access.redhat.com/errata/RHSA-2025:8979
RHSA-2025:8980 https://access.redhat.com/errata/RHSA-2025:8980
RHSA-2025:8981 https://access.redhat.com/errata/RHSA-2025:8981
RHSA-2025:9056 https://access.redhat.com/errata/RHSA-2025:9056
USN-7558-1 https://usn.ubuntu.com/7558-1/
ZDI-25-267 https://www.zerodayinitiative.com/advisories/ZDI-25-267/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3887.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-25-267/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-22T18:39:14Z/ Found at https://www.zerodayinitiative.com/advisories/ZDI-25-267/
Exploit Prediction Scoring System (EPSS)
Percentile 0.38772
EPSS Score 0.00166
Published At May 23, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-05-07T20:04:47.842769+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 36.0.0