CVE-2024-47598

CVSS V2 None CVSS V3 None
Description
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn’t properly checked before reading stts_duration, allowing the program to read 4 bytes beyond the boundaries of stts->data. This vulnerability reads up to 4 bytes past the allocated bounds of the stts array. This vulnerability is fixed in 1.24.10.
Overview
  • CVE ID
  • CVE-2024-47598
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-11T19:02:32.029Z
  • Last Modified Date
  • 2024-12-11T21:42:50.530Z
History
Created Old Value New Value Data Type Notes
2024-12-12 13:18:37 Added to TrackCVE