CVE-2024-47613

EUVD-2024-42825

12.12.2024, 02:03

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix` is expected to point to the frame 0 from the frame structure, which is read from the input file. However, in certain situations, it can points to a NULL frame, causing the subsequent call to `memcpy` to attempt writing to the null address (0x00), leading to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 28%

Affected Products (NVD)

Vendor	Product	Version
gstreamer	gstreamer	𝑥 < 1.24.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

gst-plugins-good1.0

bookworm	1.22.0-5+deb12u3 fixed
bookworm (security)	1.22.0-5+deb12u2 fixed
bullseye	vulnerable
bullseye (security)	1.18.4-2+deb11u4 fixed
forky	1.26.9-1 fixed
sid	1.26.10-1 fixed
trixie	1.26.2-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

gst-plugins-good0.10

focal	dne
jammy	dne
noble	dne
oracular	dne
plucky	dne
questing	dne
xenial	needs-triage

gst-plugins-good1.0

bionic	needs-triage
focal	Fixed 1.16.3-0ubuntu1.3 released
jammy	Fixed 1.20.3-0ubuntu1.3 released
noble	Fixed 1.24.2-1ubuntu1.1 released
oracular	Fixed 1.24.8-1ubuntu1.1 released
plucky	not-affected
questing	not-affected
xenial	needs-triage

openSUSE / SLES Releases

openSUSE Product

Release

gstreamer-plugins-base

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

gstreamer-plugins-base-devel

suse enterprise server 12 SP5

1.8.3-13.18.1

fixed

gstreamer-plugins-base-lang

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

gstreamer-plugins-good

suse enterprise desktop 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise sap 15 SP7	1.24.0-150600.3.3.1 fixed
suse enterprise server 12 SP3	1.8.3-16.12.1 fixed
suse enterprise server 12 SP5	1.8.3-16.12.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.3.17.1 fixed
suse enterprise server 15 SP3	1.16.3-150200.3.17.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.9.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.4.6.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise server 15 SP7	1.24.0-150600.3.3.1 fixed

gstreamer-plugins-good-lang

suse enterprise desktop 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise desktop 15 SP7	1.24.0-150600.3.3.1 fixed
suse enterprise sap 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise sap 15 SP7	1.24.0-150600.3.3.1 fixed
suse enterprise server 12 SP3	1.8.3-16.12.1 fixed
suse enterprise server 12 SP5	1.8.3-16.12.1 fixed
suse enterprise server 15 SP2	1.16.3-150200.3.17.1 fixed
suse enterprise server 15 SP3	1.16.3-150200.3.17.1 fixed
suse enterprise server 15 SP4	1.20.1-150400.3.9.1 fixed
suse enterprise server 15 SP5	1.22.0-150500.4.6.1 fixed
suse enterprise server 15 SP6	1.24.0-150600.3.3.1 fixed
suse enterprise server 15 SP7	1.24.0-150600.3.3.1 fixed

libgstallocators-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstapp-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstapp-1_0-0-32bit

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstaudio-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstaudio-1_0-0-32bit

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstfft-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstpbutils-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstpbutils-1_0-0-32bit

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstriff-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstrtp-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstrtsp-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstsdp-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgsttag-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgsttag-1_0-0-32bit

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstvideo-1_0-0

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

libgstvideo-1_0-0-32bit

suse enterprise server 12 SP3	1.8.3-13.18.1 fixed
suse enterprise server 12 SP5	1.8.3-13.18.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

gstreamer1-plugins-good

RHEL 8	0:1.16.1-5.el8_10 fixed
RHEL 8.2 AUS	0:1.16.1-2.el8_2 fixed
RHEL 8.4 AUS	0:1.16.1-3.el8_4 fixed
RHEL 8.4 E4S	0:1.16.1-3.el8_4 fixed
RHEL 8.4 TUS	0:1.16.1-3.el8_4 fixed
RHEL 8.6 AUS	0:1.16.1-3.el8_6 fixed
RHEL 8.6 E4S	0:1.16.1-3.el8_6 fixed
RHEL 8.6 TUS	0:1.16.1-3.el8_6 fixed
RHEL 8.8 AUS	0:1.16.1-4.el8_8 fixed
RHEL 8.8 E4S	0:1.16.1-4.el8_8 fixed
RHEL 8.8 EUS	0:1.16.1-4.el8_8 fixed
RHEL 8.8 TUS	0:1.16.1-4.el8_8 fixed
RHEL 9	0:1.22.1-3.el9_5 fixed

gstreamer1-plugins-good-gtk

RHEL 8	0:1.16.1-5.el8_10 fixed
RHEL 8.2 AUS	0:1.16.1-2.el8_2 fixed
RHEL 8.4 AUS	0:1.16.1-3.el8_4 fixed
RHEL 8.4 E4S	0:1.16.1-3.el8_4 fixed
RHEL 8.4 TUS	0:1.16.1-3.el8_4 fixed
RHEL 8.6 AUS	0:1.16.1-3.el8_6 fixed
RHEL 8.6 E4S	0:1.16.1-3.el8_6 fixed
RHEL 8.6 TUS	0:1.16.1-3.el8_6 fixed
RHEL 8.8 AUS	0:1.16.1-4.el8_8 fixed
RHEL 8.8 E4S	0:1.16.1-4.el8_8 fixed
RHEL 8.8 EUS	0:1.16.1-4.el8_8 fixed
RHEL 8.8 TUS	0:1.16.1-4.el8_8 fixed
RHEL 9	0:1.22.1-3.el9_5 fixed

Common Weakness Enumeration

References

https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8041.patch

https://gstreamer.freedesktop.org/security/sa-2024-0025.html

https://securitylab.github.com/advisories/GHSL-2024-115_GHSL-2024-118_Gstreamer/

https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html