What is Gstreamer and How to Protect Yourself Gstreamer Exploit

While it’s considered a safe operating system, there certainly are security vulnerabilities that can allow hackers to exploit GNU/Linux. Fortunately, there are several things you can do to keep yourself safe from a recently discovered critical security flaw. While some exploits affect only a single distribution, the most recent influences most modern ones equally.

A security researcher found that it’s possible to exploit Gstreamer, which is responsible for indexing thumbnails, by hosting a malicious audio file on the Web. When the user downloads the file, Gstreamer automatically indexes it on most distributions. The application wants to see if it’s a file that needs to have a thumbnail generated. This application includes an obscure library designed to playback Super Nintendo music by emulating the CPU and audio processor from the SNES. Compromised audio files exploit this fact.

Protecting Yourself Agaisnt Gstreamer Exploits

Chrome, especially on the Fedora desktop, will automatically download files without confirmation. Fedora’s tracker apps crawl downloaded files. Pay close attention if using Chrome in any environment, but especially in Fedora, for any message that reads something like “We’re sorry, it looks like the Tracker Metadata Extractor crashed.” This is especially problematic if you’ve done nothing other than visit a Web page, since it could indicate that a browser got compromised.

If you’re an Ubuntu user who never selected MP3 installation options when setting up your machine, then you’re safe. You might consider doing that if reinstalling, but it takes away a large amount of functionality. Firefox users in any version of Linux will be prompted before downloading attacker’s files, so care should be taken before agreeing to any prompts to ensure you know precisely what’s being downloaded.

Users of Chrome can protect themselves by heading to chrome://settings in the URL line, and then selecting “Show advanced settings…” at the bottom of the page.

Scroll down to downloads and then make sure that “Ask where to save each file before downloading” has a check next to it.

Kevin Arrows
Kevin is a dynamic and self-motivated information technology professional, with a Thorough knowledge of all facets pertaining to network infrastructure design, implementation and administration. Superior record of delivering simultaneous large-scale mission critical projects on time and under budget.

Expert Tip

What is Gstreamer and How to Protect Yourself Gstreamer Exploit

If the issue is with your Computer or a Laptop you should try using Restoro which can scan the repositories and replace corrupt and missing files. This works in most cases, where the issue is originated due to a system corruption. You can download Restoro by clicking the Download button below.

Download Now

I'm not interested