CVE-2024-47834
GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_parse_stream function, a data chunk is allocated using gst_ebml_read_binary. Later, the allocated memory is freed in the gst_matroska_track_free function, by the call to g_free (track->codec_priv). Finally, the freed memory is accessed in the caps_serialize function through gst_value_serialize_buffer. The freed memory will be accessed in the gst_value_serialize_buffer function. This results in a UAF read vulnerability, as the function tries to process memory that has already been freed. This vulnerability is fixed in 1.24.10.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-10-03 CVE Reserved
- 2024-12-11 CVE Published
- 2024-12-12 CVE Updated
- 2024-12-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch | X_refsource_misc | |
https://gstreamer.freedesktop.org/security/sa-2024-0030.html | X_refsource_misc | |
https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Gstreamer Search vendor "Gstreamer" | Gstreamer Search vendor "Gstreamer" for product "Gstreamer" | < 1.24.10 Search vendor "Gstreamer" for product "Gstreamer" and version " < 1.24.10" | en |
Affected
|