Gstreamer
CVE-2024-47601
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer *sub pointer before performing dereferences. As a result, null pointer dereferences may occur. This vulnerability is fixed in 1.24.10.
AnalysisAI
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer component, specifically in the gst_matroska_demux_parse_blockgroup_or_simpleblock function. GStreamer versions prior to 1.24.10 are affected, allowing remote attackers to cause denial of service by sending specially crafted Matroska (MKV) media files without authentication. With an EPSS score of 0.10% (28th percentile), exploitation probability is currently low, though proof-of-concept details are publicly available through GitHub Security Lab.
Technical ContextAI
GStreamer is a widely-used multimedia framework (cpe:2.3:a:gstreamer:gstreamer) that provides a pipeline-based architecture for constructing media processing workflows. The vulnerability resides in matroska-demux.c, which handles parsing of Matroska container format files (commonly .mkv, .webm). The issue is classified as CWE-476 (NULL Pointer Dereference), where the gst_matroska_demux_parse_blockgroup_or_simpleblock function fails to validate the GstBuffer *sub pointer before dereferencing it. When processing malformed Matroska files, this missing validation allows the pointer to remain null during dereference operations, triggering a crash in the demuxer component and terminating the media processing pipeline.
RemediationAI
Upgrade GStreamer to version 1.24.10 or later to address this vulnerability, as documented in the official security advisory at https://gstreamer.freedesktop.org/security/sa-2024-0020.html. The fix is available through the upstream patch at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch. Debian users should apply updates referenced in https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html. As an interim mitigation, restrict processing of Matroska media files to trusted sources only, implement input validation and sanitization for media files before processing, and consider sandboxing GStreamer-based applications to limit the impact of denial-of-service crashes. Monitor for abnormal application terminations that may indicate exploitation attempts.
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write an
A heap-based buffer overflow vulnerability exists in GStreamer's RTSP connection parser that allows remote attackers to
An integer overflow vulnerability in the GStreamer multimedia framework's matroska demuxer allows heap memory corruption
A critical integer overflow vulnerability in GStreamer's qtdemux element allows attackers to trigger denial of service o
A critical integer overflow vulnerability in the GStreamer multimedia framework's Matroska (MKV) demuxer can cause denia
An integer overflow vulnerability in GStreamer's Matroska demuxer can cause denial of service or potentially heap memory
An integer overflow vulnerability in GStreamer's AVI demux element allows attackers to trigger a heap overwrite when par
A heap overflow vulnerability exists in GStreamer's matroskaparse element due to an integer overflow in the gst_matroska
An integer overflow vulnerability in GStreamer's matroska demuxer can cause denial of service through segmentation fault
Same weakness CWE-476 – NULL Pointer Dereference
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today