CVE-2024-47598

Severity: CRITICAL (CVSS 3.1 base score 9.1)
Published: 2024-12-12, source: [email protected]

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 17, 2026 - 20:45 (vuln.today)
Patch Released: Mar 17, 2026 - 20:45 (nvd), patch available
CVE Published: Dec 12, 2024 - 02:03 (nvd), rated CRITICAL 9.1

Description

GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds (OOB) read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn't properly checked before reading stts_duration, allowing the program to read up to 4 bytes beyond the boundaries of stts->data, i.e. past the allocated bounds of the stts array. This vulnerability is fixed in 1.24.10.

Analysis

An out-of-bounds read vulnerability exists in GStreamer's qtdemux component that allows reading 4 bytes beyond allocated memory boundaries when processing media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be exploited remotely without authentication to potentially expose sensitive information or cause application crashes. With a CVSS score of 9.1 and network-based attack vector, this represents a significant risk for applications using GStreamer for media processing, though no active exploitation or public proof-of-concept has been reported.

Technical Context

GStreamer is a multimedia framework library used for constructing graphs of media-handling components, commonly employed in video players, streaming applications, and media processing tools. The vulnerability (CWE-125: Out-of-bounds Read) occurs in the qtdemux_merge_sample_table function within qtdemux.c, specifically when processing QuickTime/MP4 demuxing operations. The affected products are identified by CPE cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:* for all versions prior to 1.24.10, where insufficient bounds checking on the stts (sample-to-time-sample) buffer allows reading of stts_duration values beyond the allocated memory region.
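As an added illustration of the bounds check at issue (this is not GStreamer's code and not the upstream fix; the table layout follows the ISO BMFF stts box, and all function and sample names are hypothetical): a reader for an stts-style table that checks the bytes remaining in the buffer before each 32-bit read, run over a constructed well-formed table and a constructed table cut 4 bytes short.

```c
#include <stddef.h>
#include <stdint.h>

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk an stts-style table (big-endian 32-bit entry count, then
 * (sample_count, sample_delta) pairs of 32-bit values) and sum
 * sample_count * sample_delta. Every read is preceded by a check on the
 * bytes that remain in the buffer, never on the declared entry count alone:
 * trusting the count on a short table is the shape of bug that produces the
 * 4-byte over-read described above. Returns 0, or -1 if truncated. */
int stts_total_duration(const uint8_t *data, size_t size, uint64_t *total) {
    size_t off = 0;
    if (size < 4) return -1;                 /* no room for the entry count */
    uint32_t n = be32(data);
    off += 4;
    *total = 0;
    for (uint32_t i = 0; i < n; i++) {
        if (size - off < 8) return -1;       /* entry would run past the data */
        uint32_t count = be32(data + off);
        uint32_t delta = be32(data + off + 4);
        off += 8;
        *total += (uint64_t)count * delta;
    }
    return 0;
}

/* Constructed sample: 2 entries, 10 samples x 512 and 5 samples x 1024. */
static const uint8_t GOOD_STTS[] = {
    0,0,0,2,  0,0,0,10, 0,0,2,0,  0,0,0,5, 0,0,4,0 };
/* Same table cut 4 bytes short: the second sample_delta is missing, so a
 * reader that trusts the entry count would read 4 bytes past the buffer. */
static const uint8_t TRUNCATED_STTS[] = {
    0,0,0,2,  0,0,0,10, 0,0,2,0,  0,0,0,5 };

/* Returns the summed duration of the well-formed sample (10240). */
uint64_t demo_good(void) {
    uint64_t t = 0;
    return stts_total_duration(GOOD_STTS, sizeof GOOD_STTS, &t) == 0 ? t : 0;
}
/* Returns -1: the truncated sample is rejected instead of over-read. */
int demo_truncated(void) {
    uint64_t t = 0;
    return stts_total_duration(TRUNCATED_STTS, sizeof TRUNCATED_STTS, &t);
}
```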

Affected Products

GStreamer versions prior to 1.24.10 are affected by this vulnerability, as confirmed by the CPE identifier cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*. The vulnerability impacts all applications and systems that use the GStreamer library for media processing, particularly those utilizing the qtdemux component for QuickTime/MP4 file handling. The official security advisory is available at https://gstreamer.freedesktop.org/security/sa-2024-0006.html, with additional analysis provided by GitHub Security Lab at https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/.

Remediation

Upgrade GStreamer to version 1.24.10 or later, which contains the fix for this vulnerability. The patch is available at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch and should be applied immediately for systems processing untrusted media content. For systems that cannot immediately upgrade, consider implementing input validation and sandboxing for media processing operations, restricting the processing of QuickTime/MP4 files from untrusted sources, or isolating GStreamer-based applications in controlled environments with limited access to sensitive data.

Priority Score

Score: 46 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.1
CVSS: +46
POC: 0

CVE-2024-47598 vulnerability details – vuln.today