AZL-62360 CVE-2024-47607 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

AZL-62387 CVE-2024-47599 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstjpegdecnegotiate function in gstjpegdec.c. This function does not check for a NULL return value from gstvideodecodersetoutputstate. When this happens...

AZL-54306 CVE-2024-47538 affecting package gstreamer1-plugins-base 1.20.0-3

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...

CVE-2024-47607

GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

CVE-2024-47599 GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstjpegdecnegotiate function in gstjpegdec.c. This function does not check for a NULL return value from gstvideodecodersetoutputstate. When this happens...

CVE-2024-47599 GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstjpegdecnegotiate function in gstjpegdec.c. This function does not check for a NULL return value from gstvideodecodersetoutputstate. When this happens...

GStreamer 安全漏洞

GStreamer is the GStreamer open source set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from a stack buffer overflow detected in the gstopusdecparseheader function in gstopusdec.c. The vulnerability is caused by the detection of a stack...

FreeBSD : gstreamer1-plugins-opus -- Stack buffer-overflow in Opus decoder (7d1b4e5d-b3e8-11ef-b680-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7d1b4e5d-b3e8-11ef-b680-4ccc6adda413 advisory. The GStreamer Security Center reports: Stack buffer-overflow in Opus decoder that can cause crashes for...

FreeBSD : gstreamer1-plugins-vorbis -- Stack buffer-overflow in Vorbis decoder (7f3a302b-b3e8-11ef-b680-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7f3a302b-b3e8-11ef-b680-4ccc6adda413 advisory. The GStreamer Security Center reports: Stack buffer-overflow in Vorbis decoder that can cause crashes f...

FreeBSD : gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder (7945c543-b3e8-11ef-b680-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7945c543-b3e8-11ef-b680-4ccc6adda413 advisory. The GStreamer Security Center reports: Insufficient error handling in the JPEG decoder that can lead to...

OESA-2024-2505 golang security update

. Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.CVE-2024-34156...

SUSE CVE-2024-36615

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread...

SUSE CVE-2024-36617

FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder...

SUSE CVE-2024-36619

FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service DoS condition...

The vulnerability of the vdec component of MediaTek’s microprogramming software chips allows attackers to enhance their privileges.

The vulnerability of the vdec component of MediaTek’s microprogramming software lies in the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

gstreamer1-plugins-vorbis -- Stack buffer-overflow in Vorbis decoder

The GStreamer Security Center reports: Stack buffer-overflow in Vorbis decoder that can cause crashes for certain input files...

gstreamer1-plugins-opus -- Stack buffer-overflow in Opus decoder

The GStreamer Security Center reports: Stack buffer-overflow in Opus decoder that can cause crashes for certain input files...

FFmpeg CAF Decoder Integer Overflow Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An integer overflow vulnerability exists in the FFmpeg CAF decoder, which can be exploited by an attacker to submit a special file and trick the user into parsing it, which can crash the...

gstreamer1-plugins-gdkpixbuf -- NULL-pointer dereference

The GStreamer Security Center reports: A NULL-pointer dereference in the gdk-pixbuf decoder that can cause crashes for certain input files...

gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder

The GStreamer Security Center reports: Insufficient error handling in the JPEG decoder that can lead to NULL-pointer dereferences, and that can cause crashes for certain input files...