5921 matches found
CVE-2024-47607
A flaw was found in the GStreamer library. A stack buffer overflow in the Opus decoder can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2024-47538
A flaw was found in the Vorbis decoder in the GStreamer library. Processing a specially crafted input file can cause a stack-based buffer overflow in the Vorbis decoder due to improper input validation, resulting in unexpected behavior or, most likely, an application crash. Mitigation Do not...
CVE-2024-47607
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47613
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...
AZL-62360 CVE-2024-47607 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47538
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...
AZL-62399 CVE-2024-47538 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...
CVE-2024-47613 GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...
CVE-2024-47613 GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...
CVE-2024-47613
GStreamer vulnerability CVE-2024-47613 affects the gst_gdk_pixbuf_dec_flush path in the GstGdkPixbufDec demux. The issue arises when out_pix, expected to point to frame 0, can instead reference a NULL frame, causing a null pointer dereference in a subsequent memcpy and potentially triggering a se...
CVE-2024-47613
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...
CVE-2024-47613
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...
CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47607
CVE-2024-47607 affects GStreamer’s opus decoder (gst_opus_dec_parse_header in gstopusdec.c). A stack-allocated pos buffer of size 64 can overflow when n_channels > 64, causing writes beyond the buffer and potential control-flow corruption (overwriting the EIP). The issue is fixed in GStreamer ...
CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47607
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47607
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...
CVE-2024-47538 GHSL-2024-115: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...
CVE-2024-47538
CVE-2024-47538 affects GStreamer’s vorbis handling in the Vorbis decoder. A stack-buffer overflow is triggered in the function vorbis_handle_identification_packet within gstvorbisdec.c: a stack-allocated position buffer of size 64 is overflowed when vd->vi.channels exceeds 64, writing the valu...