Red Hat Product Errata RHSA-2025:8201 - Security Advisory
Issued:
2025-05-27
Updated:
2025-05-27

RHSA-2025:8201 - Security Advisory

Synopsis

Important: gstreamer1-plugins-bad-free security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.

Security Fix(es):

  • GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-3887)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2367919 - CVE-2025-3887 GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Red Hat Enterprise Linux for x86_64 8

SRPM
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.src.rpm SHA-256: c54329d25078302589159235f51bab9a1245b10d9599e58c09067a9353514e79
x86_64
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.i686.rpm SHA-256: f34c9202005646f1b4339557f86d417be537420a99141c8862f6624e0e8f5dda
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.x86_64.rpm SHA-256: 29b1a1fb0f1e2c2804ddbfd10fc61a5b110a42c4d8d25ec05bfee175985f1ba3
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.i686.rpm SHA-256: 5b908cc7045d79f3f8fc907eb492a541a0cf93eeb5521c0d2709eba259b352c9
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.x86_64.rpm SHA-256: 1326a92c30991c5273ddbd0d30a581dfd6973ab6ba4496c409dae4513ef0c720
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.i686.rpm SHA-256: 823b3641ab98904ca5a16b1f71dc7d8eec6b58d89227cb47cf6160bba2bd73ed
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.x86_64.rpm SHA-256: 04e23075fcf3bbc08d618ea7fff97d41c097968d062bc02df64337ad1c886e22

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.src.rpm SHA-256: c54329d25078302589159235f51bab9a1245b10d9599e58c09067a9353514e79
s390x
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.s390x.rpm SHA-256: a8d6e7226863a8927b242c466f6f5784d3042783b7732169c696c5920f160bac
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.s390x.rpm SHA-256: 5d0bc213a195c37e3224037e0440601f671e660d43f95a45542e81e4a823fc52
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.s390x.rpm SHA-256: a77688ba9b4f14e7bdf9ea98e6338cf093dd25ab2e524acd212817e26e131229

Red Hat Enterprise Linux for Power, little endian 8

SRPM
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.src.rpm SHA-256: c54329d25078302589159235f51bab9a1245b10d9599e58c09067a9353514e79
ppc64le
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.ppc64le.rpm SHA-256: fb034ab994eff94ff550dbfac27249ab8a73d37c3e9fcd32146999c83687d149
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.ppc64le.rpm SHA-256: a4418db2b68158544d26e97bc9555252348d29b0f4a043eaff91a3cb33b7dfc0
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.ppc64le.rpm SHA-256: 2c81f733853bacda88715ea4db1af797cca4d1d28ac61dcc6a450d2704dc04e9

Red Hat Enterprise Linux for ARM 64 8

SRPM
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.src.rpm SHA-256: c54329d25078302589159235f51bab9a1245b10d9599e58c09067a9353514e79
aarch64
gstreamer1-plugins-bad-free-1.16.1-5.el8_10.aarch64.rpm SHA-256: e70cf32e98e29fcf6aad0a3fa925b31f84d6e070f95f2cc2f27ef47638bfa5fa
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.aarch64.rpm SHA-256: f8d66b6bc23a630217ed9530df0ec24ecd27e96faab1ef81860be36bc2c364f7
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.aarch64.rpm SHA-256: 8830a3aae10d3f835488558182e5f4c4d652e48e0a724cf146d3eac1713845a2

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.i686.rpm SHA-256: 5b908cc7045d79f3f8fc907eb492a541a0cf93eeb5521c0d2709eba259b352c9
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.x86_64.rpm SHA-256: 1326a92c30991c5273ddbd0d30a581dfd6973ab6ba4496c409dae4513ef0c720
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.i686.rpm SHA-256: 823b3641ab98904ca5a16b1f71dc7d8eec6b58d89227cb47cf6160bba2bd73ed
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.x86_64.rpm SHA-256: 04e23075fcf3bbc08d618ea7fff97d41c097968d062bc02df64337ad1c886e22
gstreamer1-plugins-bad-free-devel-1.16.1-5.el8_10.i686.rpm SHA-256: d05a9a31b04c9105cc52cfa9e8075d7204c7b20a4c3a402abe4f05efc0ac478c
gstreamer1-plugins-bad-free-devel-1.16.1-5.el8_10.x86_64.rpm SHA-256: eed96b3a53f8e3d512d682651f2c054249fa717ed98b7f18c1e3ab55871c6b19

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.ppc64le.rpm SHA-256: a4418db2b68158544d26e97bc9555252348d29b0f4a043eaff91a3cb33b7dfc0
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.ppc64le.rpm SHA-256: 2c81f733853bacda88715ea4db1af797cca4d1d28ac61dcc6a450d2704dc04e9
gstreamer1-plugins-bad-free-devel-1.16.1-5.el8_10.ppc64le.rpm SHA-256: 8b5956d15611585b77d7263ee8aee165f144931c6ca808561380520326f1645b

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.aarch64.rpm SHA-256: f8d66b6bc23a630217ed9530df0ec24ecd27e96faab1ef81860be36bc2c364f7
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.aarch64.rpm SHA-256: 8830a3aae10d3f835488558182e5f4c4d652e48e0a724cf146d3eac1713845a2
gstreamer1-plugins-bad-free-devel-1.16.1-5.el8_10.aarch64.rpm SHA-256: f50470b9a8e259ad137de96d9053328483ad56b6c2b9164db1c41f71048ff114

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
gstreamer1-plugins-bad-free-debuginfo-1.16.1-5.el8_10.s390x.rpm SHA-256: 5d0bc213a195c37e3224037e0440601f671e660d43f95a45542e81e4a823fc52
gstreamer1-plugins-bad-free-debugsource-1.16.1-5.el8_10.s390x.rpm SHA-256: a77688ba9b4f14e7bdf9ea98e6338cf093dd25ab2e524acd212817e26e131229
gstreamer1-plugins-bad-free-devel-1.16.1-5.el8_10.s390x.rpm SHA-256: 241695bba4bc030478decd44cb767323be97d01abc5b86b2bf54af3b69e898b5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.