1it enterprise

NES Related Vulnerability Discovered In Ubuntu

1it enterpriseAccording to Chris Evan a security researcher, sound files meant to be played on the venerable Nintendo Entertainment System can abuse a vulnerability in a multimedia framework present on Version 12.04.5 of Ubuntu. A flaw in the audio decoder known as libgstnsf.so that which allows gstreamer Version 0.10 to play the NSF files that the NES uses for music resulted in the flaw. A virtualized version of the NES’ old 6502 processors and sound hardware is created when an NSF file was played in the host systems hardware. The way NES cartridges used to handle swapping between particular memory registers to run code on an unwary Linux user’s desktop is taken advantage by the exploit. The package that gets installed during the installation process includes libgstnsf.so. Though it is unlikely to become a widespread threat, Evan suggested that theoretically the exploit could be distributed through drive-by download targeting Google Chrome, email attachments, and USB.


The issue exists in the 12.04.5 version of the Ubuntu that is particularly old. Since there is another decoder present that can decode NSF music from the NES, the libgstnsf.so that doesn’t affect any functionality can be removed as a fix for the issue.

leave a reply


2950 North Loop West Suite 500 Houston TX – 77092

+1 (832) 426-2567



Level 2, Prestige Omega, No. 104, EPIP Zone, Whitefield Bangalore – 560066 Karnataka

+91 70226 09430



1IT Enterprise a Technology Magazine which is focused on bridging the gap between Enterprises World and the insights based on success stories of established entrepreneurs.

Follow Us

Back to Top