GNOME localsearch MP3 Extractor: tracker-extract-mp3 Heap Overflow
CVE-2026-1767 Published on June 16, 2026
Localsearch: tracker-miners: GNOME localsearch MP3 extractor: heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3 tags
A flaw was found in the `tracker-extract-mp3` component, the MP3 extractor of GNOME localsearch (previously known as tracker-miners). A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. An incorrect length calculation during the parsing of performer tags can lead to a read beyond the allocated buffer, potentially causing a Denial of Service (DoS) through a crash or enabling information disclosure.
Vulnerability Analysis
Exploiting CVE-2026-1767 requires local system access, user interaction, and a small amount of user privileges. The attack complexity is considered low. The potential impact of an exploit is considered small for confidentiality, small for integrity, and high for availability.
Timeline
Reported to Red Hat.
Made public.
Weakness Type
Buffer Access with Incorrect Length Value
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. When the length value exceeds the size of the destination, a buffer overflow could occur.
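The check this weakness class omits, shown as an added example (not code from localsearch or from this advisory): a text-frame reader that compares each declared frame length with the bytes actually remaining before it copies anything. It assumes ID3v2.3-style frame headers with plain big-endian sizes; `copy_text_frame` and the `GOOD` and `BAD` buffers are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample data: ID3v2.3-style frames (4-byte id, 4-byte
 * big-endian size, 2 flag bytes, then payload = encoding byte + text). */
static const uint8_t GOOD[] = {
    'T','I','T','2', 0,0,0,3, 0,0, 0,'H','i',
    'T','P','E','1', 0,0,0,5, 0,0, 0,'B','a','n','d' };
static const uint8_t BAD[] = {       /* TPE1 claims 256 bytes, has 5 */
    'T','P','E','1', 0,0,1,0, 0,0, 0,'B','a','n','d' };

/* Copy the text of the first frame named id into out (NUL-terminated,
 * truncated to out_cap). Returns bytes copied, or -1 if the frame is
 * absent or any declared size runs past the end of buf. Hypothetical
 * helper, not a localsearch function. */
long copy_text_frame(const uint8_t *buf, size_t len, const char *id,
                     char *out, size_t out_cap)
{
    size_t pos = 0;
    if (out_cap == 0) return -1;
    while (len - pos >= 10) {               /* room for a frame header */
        const uint8_t *h = buf + pos;
        if (h[0] == 0) break;               /* padding: no more frames */
        uint32_t size = ((uint32_t)h[4] << 24) | ((uint32_t)h[5] << 16) |
                        ((uint32_t)h[6] << 8) | h[7];
        pos += 10;
        if (size > len - pos) return -1;    /* length field vs. real data */
        if (memcmp(h, id, 4) == 0) {
            if (size == 0) return -1;       /* no encoding byte present */
            size_t n = size - 1;            /* text after encoding byte */
            if (n > out_cap - 1) n = out_cap - 1;
            memcpy(out, buf + pos + 1, n);
            out[n] = '\0';
            return (long)n;
        }
        pos += size;                        /* stays <= len by the check */
    }
    return -1;
}

int main(void)
{
    char out[16];
    printf("good: %ld\n", copy_text_frame(GOOD, sizeof GOOD, "TPE1", out, sizeof out));
    printf("bad:  %ld\n", copy_text_frame(BAD, sizeof BAD, "TPE1", out, sizeof out));
    return 0;
}
```

The frame is rejected before any byte of its payload is read, so the untrusted length field never drives a copy.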
Products Associated with CVE-2026-1767