CVE-2022-2122 Information

Description

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault or could cause a heap overwrite depending on libc and OS. Depending on the libc used and the underlying OS capabilities it could be just a segfault or a heap overwrite.

Reference

https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225