Количество 14
Количество 14
BDU:2025-01020
Уязвимость мультимедийного фреймворка Gstreamer, связанная с целочисленным переполнением, позволяющая нарушителю выполнить произвольный код
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling compo ...
RLSA-2024:11299
Important: gstreamer1-plugins-good security update
ELSA-2024-11299
ELSA-2024-11299: gstreamer1-plugins-good security update (IMPORTANT)
ELSA-2024-11122
ELSA-2024-11122: gstreamer1-plugins-good security update (IMPORTANT)
ELSA-2024-11344
ELSA-2024-11344: gstreamer1-plugins-base and gstreamer1-plugins-good security update (IMPORTANT)
SUSE-SU-2025:0063-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0067-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0064-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0055-1
Security update for gstreamer-plugins-good
ROS-20250121-12
Множественные уязвимости gstreamer1-plugins-good
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-01020 Уязвимость мультимедийного фреймворка Gstreamer, связанная с целочисленным переполнением, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47537 GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10. | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47537 GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10. | CVSS3: 8.4 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47537 GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10. | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
| CVE-2024-47537 GStreamer is a library for constructing graphs of media-handling compo ... | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
 | RLSA-2024:11299 Important: gstreamer1-plugins-good security update | 6 месяцев назад | ||
| ELSA-2024-11299 ELSA-2024-11299: gstreamer1-plugins-good security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-11122 ELSA-2024-11122: gstreamer1-plugins-good security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-11344 ELSA-2024-11344: gstreamer1-plugins-base and gstreamer1-plugins-good security update (IMPORTANT) | 5 месяцев назад | ||
 | SUSE-SU-2025:0063-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0067-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0064-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0055-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
 | ROS-20250121-12 Множественные уязвимости gstreamer1-plugins-good | CVSS3: 9.8 | 5 месяцев назад |
Уязвимостей на страницу