{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47542", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-09-25T21:46:10.931Z", "datePublished": "2024-12-11T18:55:18.069Z", "dateUpdated": "2024-12-12T14:31:09.320Z"}, "containers": {"cna": {"title": "GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference", "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "lang": "en", "description": "CWE-476: NULL Pointer Dereference", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/", "tags": ["x_refsource_CONFIRM"], "url": "https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/"}, {"name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch", "tags": ["x_refsource_MISC"], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch"}, {"name": "https://gstreamer.freedesktop.org/security/sa-2024-0008.html", "tags": ["x_refsource_MISC"], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0008.html"}], "affected": [{"vendor": "gstreamer", "product": "gstreamer", "versions": [{"version": "< 1.24.10", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-12-11T18:55:18.069Z"}, "descriptions": [{"lang": "en", "value": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10."}], "source": {"advisory": "GHSA-h236-x498-w7jc", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-12T14:30:59.764281Z", "id": "CVE-2024-47542", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-12T14:31:09.320Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-47542", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-12T14:30:59.764281Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-12T14:31:05.246Z"}}], "cna": {"title": "GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference", "source": {"advisory": "GHSA-h236-x498-w7jc", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "gstreamer", "product": "gstreamer", "versions": [{"status": "affected", "version": "< 1.24.10"}]}], "references": [{"url": "https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/", "name": "https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch", "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch", "tags": ["x_refsource_MISC"]}, {"url": "https://gstreamer.freedesktop.org/security/sa-2024-0008.html", "name": "https://gstreamer.freedesktop.org/security/sa-2024-0008.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-12-11T18:55:18.069Z"}}}, "cveMetadata": {"cveId": "CVE-2024-47542", "state": "PUBLISHED", "dateUpdated": "2024-12-12T14:31:09.320Z", "dateReserved": "2024-09-25T21:46:10.931Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-12-11T18:55:18.069Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:*:*:*:*:*:*:*:*", "matchCriteriaId": "82BF8403-8CE2-4AFC-865F-FD40A77D20E0", "versionEndExcluding": "1.24.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10."}, {"lang": "es", "value": "GStreamer es una librer\u00eda para construir gr\u00e1ficos de componentes de manejo de medios. Se ha descubierto una desreferencia de puntero nulo en la funci\u00f3n id3v2_read_synch_uint, ubicada en id3v2.c. Si se llama a id3v2_read_synch_uint con un work->hdr.frame_data nulo, se accede al puntero guint8 *data sin validaci\u00f3n, lo que da como resultado una desreferencia de puntero nulo. Esta vulnerabilidad puede resultar en una denegaci\u00f3n de servicio (DoS) al activar un error de segmentaci\u00f3n (SEGV). Esta vulnerabilidad se corrigi\u00f3 en 1.24.10."}], "id": "CVE-2024-47542", "lastModified": "2024-12-13T19:03:40.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-12-12T02:03:28.630", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0008.html"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-476"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:7243", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "gstreamer1-plugins-base-0:1.22.12-4.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}], "bugzilla": {"description": "gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference", "id": "2331717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331717"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "(CWE-125|CWE-476)", "details": ["GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10."], "name": "CVE-2024-47542", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "gstreamer1-plugins-base", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "gstreamer1-plugins-base", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2024-12-11T18:55:18Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-47542\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-47542\nhttps://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch\nhttps://gstreamer.freedesktop.org/security/sa-2024-0008.html\nhttps://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/"], "threat_severity": "Moderate"}