CVE-2023-37329 · cross-distro fix matrix

CVE-2023-37329: It was discovered that multiple plugins in GStreamer contained arithmetic

Affects 10 Linux releases across 25 (distro × package) combinations. First disclosed: 2026-04-23.

Fix per ecosystem

Each block below is a distro release where CVE-2023-37329 has a known fix. Run the listed command on that distro to remediate.

Source: Ubuntu USN

gst-plugins-bad1.0→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gst-plugins-bad1.0
```
gir1.2-gst-plugins-bad-1.0→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gir1.2-gst-plugins-bad-1.0
```
gstreamer1.0-opencv→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-opencv
```
gstreamer1.0-plugins-bad→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad
```
gstreamer1.0-plugins-bad-doc→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad-doc
```
libgstreamer-opencv1.0-0→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y libgstreamer-opencv1.0-0
```
libgstreamer-plugins-bad1.0-0→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y libgstreamer-plugins-bad1.0-0
```
libgstreamer-plugins-bad1.0-dev→ fixed in1.14.5-0ubuntu1~18.04.1+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y libgstreamer-plugins-bad1.0-dev
```

Source: Ubuntu USN

gst-plugins-bad1.0→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gst-plugins-bad1.0
```
gir1.2-gst-plugins-bad-1.0→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gir1.2-gst-plugins-bad-1.0
```
gstreamer1.0-hybris→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-hybris
```
gstreamer1.0-plugins-bad→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad
```
gstreamer1.0-plugins-bad-doc→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad-doc
```
gstreamer1.0-plugins-bad-faad→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad-faad
```
gstreamer1.0-plugins-bad-videoparsers→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y gstreamer1.0-plugins-bad-videoparsers
```
libgstreamer-plugins-bad1.0-0→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y libgstreamer-plugins-bad1.0-0
```
libgstreamer-plugins-bad1.0-dev→ fixed in1.8.3-1ubuntu0.2+esm1USN-8205-1
```
sudo apt-get install --only-upgrade -y libgstreamer-plugins-bad1.0-dev
```

Source: Debian Security Tracker

gst-plugins-bad1.0→ fixed in1.18.4-3+deb11u1urgency: not yet assigned
```
sudo apt-get install --only-upgrade -y gst-plugins-bad1.0
```

Source: Debian Security Tracker

gst-plugins-bad1.0→ fixed in1.22.0-4+deb12u1urgency: not yet assigned
```
sudo apt-get install --only-upgrade -y gst-plugins-bad1.0
```

Source: Debian Security Tracker

gst-plugins-bad1.0→ fixed in1.22.4-1urgency: not yet assigned
```
sudo apt-get install --only-upgrade -y gst-plugins-bad1.0
```