CVE-2024-47601
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer *sub pointer before performing dereferences. As a result, null pointer dereferences may occur. This vulnerability is fixed in 1.24.10.
Analysis
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer component, specifically in the gst_matroska_demux_parse_blockgroup_or_simpleblock function. GStreamer versions prior to 1.24.10 are affected. A remote attacker can cause denial of service, without authentication, by sending a specially crafted Matroska (MKV) media file. With an EPSS score of 0.10% (28th percentile), exploitation probability is currently low, though proof-of-concept details are publicly available through GitHub Security Lab.
Technical Context
GStreamer is a widely used multimedia framework (cpe:2.3:a:gstreamer:gstreamer) that provides a pipeline-based architecture for constructing media processing workflows. The vulnerability resides in matroska-demux.c, which handles parsing of Matroska container format files (commonly .mkv, .webm). The issue is classified as CWE-476 (NULL Pointer Dereference): the gst_matroska_demux_parse_blockgroup_or_simpleblock function fails to validate the GstBuffer *sub pointer before dereferencing it. When a malformed Matroska file is processed, the missing validation means the pointer can still be null when it is dereferenced, which crashes the demuxer component and terminates the media processing pipeline.
Affected Products
GStreamer versions prior to 1.24.10 are affected by this vulnerability, as confirmed by CPE identifier cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*. The vulnerable component is specifically the Matroska demuxer module (matroska-demux.c). Debian LTS distributions containing affected versions have been identified in security advisories at https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html. The official GStreamer security advisory is available at https://gstreamer.freedesktop.org/security/sa-2024-0020.html with detailed analysis from GitHub Security Lab at https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/.
Remediation
Upgrade GStreamer to version 1.24.10 or later to address this vulnerability, as documented in the official security advisory at https://gstreamer.freedesktop.org/security/sa-2024-0020.html. The fix is available through the upstream patch at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch. Debian users should apply updates referenced in https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html. As an interim mitigation, restrict processing of Matroska media files to trusted sources only, implement input validation and sanitization for media files before processing, and consider sandboxing GStreamer-based applications to limit the impact of denial-of-service crashes. Monitor for abnormal application terminations that may indicate exploitation attempts.
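The monitoring step above can be made concrete with a small log check. This is an added example, not part of the advisory or of GStreamer: it scans Linux kernel segfault reports for faults at a near-zero address inside the Matroska plugin. The plugin file name libgstmatroska.so, the 0x1000 threshold and the sample log lines are assumptions constructed for illustration.

```python
import re

# Linux x86 kernel segfault report as it appears in dmesg / journalctl -k.
SEGV = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip [0-9a-f]+ sp [0-9a-f]+ error \d+ in (?P<lib>[^\[\s]+)\["
)
MATROSKA_PLUGIN = "libgstmatroska.so"  # assumption: plugin built from matroska-demux.c
NULL_PAGE = 0x1000  # assumption: a fault in the first page is a NULL(+offset) access

# Constructed sample input, not real telemetry.
SAMPLE_LOG = [
    "kernel: gst-launch-1.0[4242]: segfault at 0 ip 00007f3a1c0b2d10 "
    "sp 00007ffd5e3a1b20 error 4 in libgstmatroska.so[7f3a1c090000+5c000]",
    "kernel: totem[5120]: segfault at 18 ip 00007f11aa0b2d44 "
    "sp 00007ffc0d2e9a10 error 4 in libgstmatroska.so[7f11aa090000+5c000]",
    "kernel: totem[5121]: segfault at 7f11aa3ff000 ip 00007f11aa0b3001 "
    "sp 00007ffc0d2e9b00 error 6 in libgstmatroska.so[7f11aa090000+5c000]",
    "kernel: convert[6001]: segfault at 0 ip 00007f77b1234567 "
    "sp 00007ffe11112222 error 4 in libc.so.6[7f77b1200000+195000]",
    "kernel: usb 1-1: new high-speed USB device number 4 using xhci_hcd",
]


def find_matroska_null_derefs(lines):
    """Return one record per crash that faulted near address 0 in the Matroska plugin."""
    hits = []
    for line in lines:
        m = SEGV.search(line)
        if m is None:
            continue  # not a segfault report, or no mapped library named
        fault_addr = int(m.group("addr"), 16)
        # Keep only faults inside the demuxer plugin that touch the null page;
        # crashes in other libraries or at high addresses are a different bug class.
        if m.group("lib") == MATROSKA_PLUGIN and fault_addr < NULL_PAGE:
            hits.append({
                "process": m.group("comm"),
                "pid": int(m.group("pid")),
                "fault_addr": fault_addr,
            })
    return hits


if __name__ == "__main__":
    for hit in find_matroska_null_derefs(SAMPLE_LOG):
        print(hit)
```

A hit on a host still running a GStreamer version prior to 1.24.10 is worth correlating with the media file the process was handling at the time.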