Integer Underflow in GStreamer Library Affects Media Applications
CVE-2024-47606

9.8 CRITICAL

Key Information:

CVE Published: 12 December 2024

What is CVE-2024-47606?

An integer underflow vulnerability exists in the GStreamer library, in the function qtdemux_parse_theora_extension in qtdemux.c. The gint size variable can underflow to a negative value, which becomes an unintended, excessively large value when cast to an unsigned integer. This negative 32-bit value is then improperly cast to a 64-bit unsigned integer in the call to gst_buffer_new_and_alloc. The subsequent allocation attempt ends up allocating insufficient memory, so during the gst_buffer_fill operation data from the input file can overwrite critical structures in memory, and function pointers may be hijacked as a result. The vulnerability is fixed in GStreamer 1.24.10.
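The signed-to-unsigned conversion described above, shown as an added example that is not GStreamer's code, next to a checked version that rejects the short length. Assumptions: int32_t and uint64_t stand in for gint and gsize, and HDR_LEN, OVERHEAD, the function names and the allocator model are hypothetical.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_LEN  8   /* hypothetical fixed header length, not from qtdemux.c */
#define OVERHEAD 16  /* hypothetical allocator bookkeeping, a model only */

/* Unchecked pattern: a signed 32-bit remainder is converted to a
 * 64-bit unsigned allocation size. Callers here pass small values only. */
static uint64_t unchecked_alloc_size(int32_t atom_len)
{
    int32_t size = atom_len - HDR_LEN; /* negative when atom_len < HDR_LEN */
    return (uint64_t)size;             /* sign-extends: -3 becomes 2^64 - 3 */
}

/* Model of an allocator that adds its own overhead to the request.
 * Unsigned arithmetic wraps, so a near-2^64 request becomes a tiny one. */
static uint64_t modelled_total(uint64_t requested)
{
    return requested + OVERHEAD;
}

/* Checked pattern: validate the length before subtracting, so the
 * result can never be negative and never reaches the allocator. */
static bool checked_alloc_size(int32_t atom_len, uint64_t *out)
{
    if (atom_len < HDR_LEN)
        return false;
    *out = (uint64_t)(atom_len - HDR_LEN);
    return true;
}

int main(void)
{
    const int32_t samples[] = { 64, 8, 5, 0 }; /* constructed lengths */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t raw = unchecked_alloc_size(samples[i]);
        uint64_t ok = 0;
        bool accepted = checked_alloc_size(samples[i], &ok);
        printf("len=%" PRId32 " unchecked=0x%" PRIx64 " modelled_total=%" PRIu64
               " checked=%s\n", samples[i], raw, modelled_total(raw),
               accepted ? "accepted" : "rejected");
    }
    return 0;
}
```

The rejected rows are the lengths for which the unchecked path would request a size that bears no relation to the amount of data copied afterwards.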

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published
