GStreamer Uninitialized Stack Variable Vulnerability Could Lead to Code Execution
CVE-2024-47540

8.6 HIGH

Key Information:

Vendor

GStreamer

Status
Vendor
CVE Published: 12 December 2024

What is CVE-2024-47540?

The GStreamer library has a vulnerability in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. It stems from the use of an uninitialized stack variable, which occurs when the size parameter is less than 4: the function still calls gst_buffer_unmap with the uninitialized map variable, so gst_memory_unmap attempts to unmap a buffer described by uninitialized data. This can result in a hijacked function pointer, allowing an attacker to manipulate the execution flow of the program and, consequently, to execute unauthorized code. Mitigating this risk requires an immediate update to GStreamer version 1.24.10 or later.
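The pattern described above, reduced to a self-contained C model. This is an added example, not GStreamer's code: map_info, buffer, buf_map, buf_unmap and both add_header_* functions are hypothetical, the "wvpk" input is constructed, and the memset stands in for stale stack contents so the behaviour is deterministic.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a map/unmap API; these are not GStreamer's types. */
typedef struct { const unsigned char *data; size_t size; int mapped; } map_info;
typedef struct { const unsigned char *bytes; size_t len; int bad_unmaps; } buffer;

static int buf_map(buffer *b, map_info *m) {
    m->data = b->bytes; m->size = b->len; m->mapped = 1;
    return 1;
}

/* Counts unmaps of a map_info that buf_map never filled in. */
static void buf_unmap(buffer *b, map_info *m) {
    if (m->mapped != 1) b->bad_unmaps++;
    m->mapped = 0;
}

/* Flawed shape: the short-input path skips buf_map but shares the cleanup. */
static int add_header_flawed(buffer *b, size_t size) {
    map_info map;
    int ok = 0;
    memset(&map, 0xA5, sizeof map); /* stands in for stale stack bytes */
    if (size < 4) goto out;         /* too short: map is never filled in */
    ok = buf_map(b, &map);
out:
    buf_unmap(b, &map);
    return ok;
}

/* Hardened shape: known initial state, unmap only after a successful map. */
static int add_header_checked(buffer *b, size_t size) {
    map_info map = {0};
    if (size < 4) return 0;          /* reject before any cleanup can run */
    if (!buf_map(b, &map)) return 0;
    /* ... header bytes would be read from map.data here ... */
    buf_unmap(b, &map);
    return 1;
}

int main(void) {
    buffer b = { (const unsigned char *)"wvpk", 4, 0 }; /* constructed input */
    add_header_flawed(&b, 2);
    printf("flawed, size 2: %d bad unmap(s)\n", b.bad_unmaps);
    add_header_checked(&b, 2);
    printf("checked, size 2: still %d\n", b.bad_unmaps);
    return 0;
}
```

In the model the bad unmap is only counted; in a real unmap routine the same call would act on whatever the uninitialized struct happens to contain.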

Affected Version(s)

gstreamer < 1.24.10

CVSS V4

Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
