GStreamer CVE-2024-47834
CRITICAL
CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Description (NVD)
GStreamer is a library for constructing graphs of media-handling components. A use-after-free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_parse_stream function, a data chunk is allocated using gst_ebml_read_binary. Later, the allocated memory is freed in the gst_matroska_track_free function by the call to g_free (track->codec_priv). Finally, the freed memory is accessed in the caps_serialize function through gst_value_serialize_buffer. This results in a UAF read vulnerability, as the function tries to process memory that has already been freed. This vulnerability is fixed in 1.24.10.
Analysis (AI)
A use-after-free vulnerability in GStreamer's Matroska demuxer allows remote attackers to cause denial of service or potentially disclose sensitive information by sending specially crafted Matroska media files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing CodecPrivate elements in Matroska streams. No active exploitation has been reported (not in KEV), and no public proof-of-concept exists, though the network-accessible nature and low complexity make it a credible threat.
Technical Context (AI)
GStreamer is a widely used multimedia framework for constructing media processing pipelines. Affected versions are identified through the CPE cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*. The vulnerability stems from a use-after-free condition (CWE-416) in the Matroska demuxer component, where memory allocated for CodecPrivate elements via gst_ebml_read_binary is freed in gst_matroska_track_free but subsequently accessed in caps_serialize through gst_value_serialize_buffer. This classic memory management flaw occurs during the parsing of Matroska container format files, which are commonly used for video content delivery across web and streaming platforms.
Remediation (AI)
Upgrade GStreamer to version 1.24.10 or later, which contains the fix available at https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch. For systems that cannot immediately upgrade, implement input validation to reject or sanitize Matroska files from untrusted sources, and consider sandboxing media processing operations to limit impact. Review the vendor security advisory at https://gstreamer.freedesktop.org/security/sa-2024-0030.html for additional guidance and verify all GStreamer-dependent applications are updated.
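One way to apply the interim "reject Matroska files from untrusted sources" mitigation above is to identify EBML containers by their header rather than by file extension. This is an added example, not code from the advisory or the GStreamer project. The function names are hypothetical, the sample bytes are constructed, and the GStreamer version string is assumed to be supplied by the caller (for instance from `gst-inspect-1.0 --version`).

```python
EBML_MAGIC = b"\x1a\x45\xdf\xa3"  # ID of the EBML header that opens every Matroska/WebM file
DOCTYPE_ID = 0x4282               # DocType element inside that header
FIXED = (1, 24, 10)               # fixed GStreamer release named in the advisory

def read_vint(buf, pos, keep_marker):
    """Decode one EBML variable-length integer; return (value, next_pos)."""
    if pos >= len(buf) or buf[pos] == 0:
        raise ValueError("truncated or over-long vint")
    length = 9 - buf[pos].bit_length()          # leading zero bits + 1
    if pos + length > len(buf):
        raise ValueError("truncated vint")
    value = buf[pos] if keep_marker else buf[pos] & (0xFF >> length)
    for byte in buf[pos + 1:pos + length]:
        value = (value << 8) | byte
    return value, pos + length

def ebml_doctype(data):
    """DocType of an EBML file, "" if no DocType can be read, None if not EBML."""
    if not data.startswith(EBML_MAGIC):
        return None
    try:
        size, pos = read_vint(data, 4, keep_marker=False)
        end = min(pos + size, len(data))
        while pos < end:
            elem_id, pos = read_vint(data, pos, keep_marker=True)    # IDs keep the marker bit
            elem_size, pos = read_vint(data, pos, keep_marker=False)
            if elem_id == DOCTYPE_ID:
                return data[pos:pos + elem_size].rstrip(b"\0").decode("ascii", "replace")
            pos += elem_size
    except ValueError:
        pass                                    # damaged header: still EBML, still held
    return ""

def needs_hold(data, gst_version):
    """True when an EBML file would reach a GStreamer older than the fixed release."""
    patched = tuple(int(p) for p in gst_version.split(".")[:3]) >= FIXED
    return ebml_doctype(data) is not None and not patched

# Constructed sample: EBML header with EBMLVersion=1 and DocType="matroska".
SAMPLE_MKV = EBML_MAGIC + b"\x8f" + b"\x42\x86\x81\x01" + b"\x42\x82\x88matroska"

if __name__ == "__main__":
    print(ebml_doctype(SAMPLE_MKV), needs_hold(SAMPLE_MKV, "1.24.9"))
```

Distribution packages may carry the fix under an older version number, so confirm the version comparison against the vendor's package changelog before relying on it.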