PT-2024-9624 · Gstreamer+10 · Gstreamer+10

Antonio Morales

+1

·

Published

2024-10-02

·

Updated

2025-10-07

·

CVE-2024-47607

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10
Description A stack-buffer overflow has been detected in the gst opus dec parse header function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If n channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST AUDIO CHANNEL POSITION NONE. This bug allows overwriting the EIP address allocated in the stack.
Recommendations For versions prior to 1.24.10, update to version 1.24.10 to resolve the issue. As a temporary workaround, consider restricting the value of n channels to 64 or less to prevent the stack-buffer overflow until a patch is available. Restrict access to the gst opus dec parse header function to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Stack Overflow

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

ALSA-2024:11123
ALSA-2024:11345
ALSA-2024_11123
ALSA-2024_11345
ALT-PU-2025-2299
ALT-PU-2025-7573
AZL-54297
AZL-54347
AZL-62360
BDU:2024-11336
CESA-2024_11345
CVE-2024-47607
DLA-3999-1
DSA-5831-1
INFSA-2024_11123
INFSA-2024_11345
OESA-2024-2563
OPENSUSE-SU-2025:14625-1
OPENSUSE-SU-2025_0054-1
OPENSUSE-SU-2025_0065-1
OPENSUSE-SU-2025_0069-1
RHSA-2024:11117
RHSA-2024:11118
RHSA-2024:11120
RHSA-2024:11123
RHSA-2024:11130
RHSA-2024:11141
RHSA-2024:11142
RHSA-2024:11143
RHSA-2024:11344
RHSA-2024:11345
RHSA-2024_11123
RHSA-2024_11345
RLSA-2024:11123
RLSA-2024:11345
SUSE-SU-2025:0052-1
SUSE-SU-2025:0054-1
SUSE-SU-2025:0065-1
SUSE-SU-2025:0069-1
SUSE-SU-2025:02020-1
SUSE-SU-2025:20134-1
SUSE-SU-2025:20241-1
SUSE-SU-2025_02020-1
USN-7175-1
USN-7807-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Gstreamer
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu