CVE-2026-59692 PUBLISHED

Gstreamer: gstreamer: dtls certificate subject dn stack buffer overflow in openssl_verify_callback

Assigner: redhat
Reserved: 06.07.2026 Published: 09.07.2026 Updated: 09.07.2026

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an oversized Subject DN that exceeds the buffer, causing a stack buffer overflow and process crash, resulting in denial of service.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Score: 7.5

Product Status

Vendor Red Hat
Product Red Hat Enterprise Linux 10
Versions Default: affected
Vendor Red Hat
Product Red Hat Enterprise Linux 6
Versions Default: affected
Vendor Red Hat
Product Red Hat Enterprise Linux 7
Versions Default: affected
Vendor Red Hat
Product Red Hat Enterprise Linux 7
Versions Default: affected
Vendor Red Hat
Product Red Hat Enterprise Linux 8
Versions Default: affected
Vendor Red Hat
Product Red Hat Enterprise Linux 9
Versions Default: affected

Workarounds

There is no complete mitigation for this vulnerability. The following measures can reduce risk:

  1. If WebRTC/DTLS functionality is not required, remove the DTLS plugin shared object from the GStreamer plugins directory (typically /usr/lib64/gstreamer-1.0/libgstdtls.so).
  2. Restrict network access to WebRTC/DTLS endpoints to trusted peers only via firewall rules.
  3. Deploy GStreamer WebRTC services behind a reverse proxy or media server that validates DTLS certificates before forwarding.

Credits

  • Red Hat would like to thank Clouditera Security (Clouditera), NSFOCUS (NSFOCUS), and Z.ai Security (Z.ai) for reporting this issue.

References

Problem Types

  • Stack-based Buffer Overflow CWE