CVE-2024-47597

CVSS V2 None CVSS V3 None
Description
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function qtdemux_parse_samples reads data beyond the boundaries of the stream->stco buffer. The following code snippet shows the call to qt_atom_parser_get_offset_unchecked, which leads to the OOB-read when parsing the provided GHSL-2024-245_crash1.mp4 file. This issue may lead to read up to 8 bytes out-of-bounds. This vulnerability is fixed in 1.24.10.
Overview
  • CVE ID
  • CVE-2024-47597
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-11T19:01:50.820Z
  • Last Modified Date
  • 2024-12-11T21:51:28.160Z
History
Created Old Value New Value Data Type Notes
2024-12-12 13:18:59 Added to TrackCVE