GStreamer Uninitialized Stack Variable Vulnerability Could Lead to Code Execution
CVE-2024-47540

9.8 CRITICAL

Key Information:

Vendor: GStreamer
Status: Vendor
CVE Published: 12 December 2024

What is CVE-2024-47540?

The GStreamer library has a vulnerability in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. The vulnerability stems from the use of an uninitialized stack variable, which occurs when the size parameter is less than 4. In that case the program calls gst_buffer_unmap with the uninitialized map variable, so the gst_memory_unmap function attempts to unmap the buffer incorrectly. This can result in a hijacked function pointer, allowing an attacker to manipulate the execution flow of the program, which in turn can lead to unauthorized code execution. An immediate update to GStreamer version 1.24.10 or later is needed to mitigate this risk.
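
The bug class described above, as an added example that is not GStreamer's code or its patch: a parser whose short-input path jumps to a shared cleanup label before the map record is filled, shown beside the zero-initialized form. Mem, MapInfo, buf_map, buf_unmap, parse_header and the SHOW_VULNERABLE switch are constructed stand-ins, and the sample bytes are made up.

```c
#include <stddef.h>
#include <stdio.h>
/* Constructed stand-ins (not GStreamer's types): unmap calls through a function
 * pointer reached via map->memory, so an indeterminate MapInfo is dangerous. */
typedef struct Mem Mem;
struct Mem { void (*unmap_fn)(Mem *); int unmap_calls; };
typedef struct { Mem *memory; const unsigned char *data; size_t size; } MapInfo;
static void count_unmap(Mem *m) { m->unmap_calls++; }
static void buf_map(Mem *m, const unsigned char *d, size_t n, MapInfo *out) {
    out->memory = m; out->data = d; out->size = n;
}
static void buf_unmap(MapInfo *map) {
    if (map->memory == NULL) return;     /* never mapped: nothing to release */
    map->memory->unmap_fn(map->memory);  /* indirect call through the record */
    map->memory = NULL;
}

#ifdef SHOW_VULNERABLE /* off by default: reading `map` below is undefined */
static int parse_header_vulnerable(Mem *m, const unsigned char *d, size_t size) {
    MapInfo map;                         /* BUG: indeterminate stack contents */
    if (size < 4) goto done;             /* skips buf_map ... */
    buf_map(m, d, size, &map);
done:
    buf_unmap(&map);                     /* ... yet still unmaps */
    return size < 4 ? -1 : 0;
}
#endif

/* Hardened: the record is zeroed before any path can reach the cleanup label. */
static int parse_header(Mem *m, const unsigned char *d, size_t size) {
    MapInfo map = {0};
    int ret = -1;
    if (size < 4) goto done;
    buf_map(m, d, size, &map);
    ret = map.data[0];                   /* stand-in for real header parsing */
done:
    buf_unmap(&map);
    return ret;
}

/* Returns unmap invocations for a `size`-byte input: 0 if never mapped, else 1. */
static int unmap_calls_for(size_t size) {
    static const unsigned char sample[8] = { 'w', 'v', 'p', 'k' }; /* constructed */
    Mem m = { count_unmap, 0 };
    parse_header(&m, sample, size);
    return m.unmap_calls;
}

int main(void) { printf("short=%d full=%d\n", unmap_calls_for(2), unmap_calls_for(8)); return 0; }
```

Building with -Wall -Wextra (or -Wmaybe-uninitialized on GCC) and running parser tests under MemorySanitizer are the usual ways to catch the unguarded form before release.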

Affected Version(s)

gstreamer < 1.24.10

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved