PT-2024-9623 · Gstreamer+11 · Gstreamer+11

Antonio Morales

+1

·

Published

2024-09-25

·

Updated

2025-06-30

·

CVE-2024-47539

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10
Description An out-of-bounds write issue was identified in the convert to s334 1a function in isomp4/qtdemux.c. This issue arises due to a discrepancy between the size of memory allocated to the storage array and the loop condition i * 2 < ccpair size. When ccpair size is even, the allocated size in storage does not match the loop's expected bounds, resulting in an out-of-bounds write. This allows for the overwriting of up to 3 bytes beyond the allocated bounds of the storage array.
Recommendations For versions prior to 1.24.10, update to version 1.24.10 to resolve the issue. As a temporary workaround, consider restricting access to the convert to s334 1a function in isomp4/qtdemux.c until the update is applied.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2024:11122
ALSA-2024:11299
ALSA-2024_11122
ALSA-2024_11299
ALT-PU-2025-2299
ALT-PU-2025-7574
AZL-62333
BDU:2024-11335
CESA-2024_11299
CVE-2024-47539
DLA-4071-1
DSA-5838-1
INFSA-2024_11122
INFSA-2024_11299
MGASA-2025-0040
OESA-2024-2592
OESA-2024-2593
OESA-2024-2594
OESA-2024-2595
OESA-2024-2596
OPENSUSE-SU-2024:14586-1
OPENSUSE-SU-2025_0055-1
OPENSUSE-SU-2025_0064-1
OPENSUSE-SU-2025_0067-1
RHSA-2024:11119
RHSA-2024:11121
RHSA-2024:11122
RHSA-2024:11148
RHSA-2024:11149
RHSA-2024:11298
RHSA-2024:11299
RHSA-2024:11346
RHSA-2024:11348
RHSA-2024_11122
RHSA-2024_11299
RLSA-2024:11122
RLSA-2024:11299
SUSE-SU-2025:0055-1
SUSE-SU-2025:0064-1
SUSE-SU-2025:0067-1
SUSE-SU-2025:02055-1
SUSE-SU-2025_02055-1
USN-7176-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Gstreamer
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu