GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-23896.

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9056 advisory.

    * gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9056 advisory.

    - CVE-2024-4453 gstreamer1: EXIF Metadata Parsing Integer Overflow

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:9056 advisory.

    * gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9056 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of gstreamer1-plugins-base installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2592 advisory.

    GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with     this library is required to exploit this vulnerability but attack vectors may vary depending on the     implementation.

    The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper     validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process.. Was ZDI-     CAN-23896. (CVE-2024-4453)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of gstreamer-plugins-base installed on the remote host is prior to 0.10.36-18. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2593 advisory.

    GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with     this library is required to exploit this vulnerability but attack vectors may vary depending on the     implementation.

    The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper     validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process.. Was ZDI-     CAN-23896. (CVE-2024-4453)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-919bc7e512 advisory.

    Update to gstreamer-1.22.9.

    ----

    Backport fix for CVE-2024-0444.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1945-1 advisory.

    - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata     (bsc#1224806)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1910-1 advisory.

    - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata     (bsc#1224806)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1893-1 advisory.

    - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata     (bsc#1224806)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5702 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5702-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     June 01, 2024                         https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : gst-plugins-base1.0     CVE ID         : CVE-2024-4453

    An integer overflow in the EXIF metadata parsing was discovered in the     GStreamer media framework, which may result in denial of service or     potentially the execution of arbitrary code if a malformed file is     processed.

    For the oldstable distribution (bullseye), this problem has been fixed     in version 1.18.4-2+deb11u2.

    For the stable distribution (bookworm), this problem has been fixed in     version 1.22.0-3+deb12u2.

    We recommend that you upgrade your gst-plugins-base1.0 packages.

    For the detailed security status of gst-plugins-base1.0 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gst-plugins-base1.0

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1886-1 advisory.

    - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata     (bsc#1224806)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1882-1 advisory.

    - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata     (bsc#1224806)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3824 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3824-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                          Adrian Bunk     May 30, 2024                                  https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : gst-plugins-base1.0     Version        : 1.14.4-2+deb10u3     CVE ID         : CVE-2024-4453

    An integer overflow in the EXIF metadata parser has been fixed in the     GStreamer media framework.

    For Debian 10 buster, this problem has been fixed in version     1.14.4-2+deb10u3.

    We recommend that you upgrade your gst-plugins-base1.0 packages.

    For the detailed security status of gst-plugins-base1.0 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gst-plugins-base1.0

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6798-1 advisory.

    It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could     possibly use this issue to execute arbitrary code or cause a crash.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
211594	RockyLinux 8 : gstreamer1-plugins-base (RLSA-2024:9056)	Nessus	Rocky Linux Local Security Checks	high
210766	Oracle Linux 8 : gstreamer1-plugins-base (ELSA-2024-9056)	Nessus	Oracle Linux Local Security Checks	high
210765	AlmaLinux 8 : gstreamer1-plugins-base (ALSA-2024:9056)	Nessus	Alma Linux Local Security Checks	high
210750	RHEL 8 : gstreamer1-plugins-base (RHSA-2024:9056)	Nessus	Red Hat Local Security Checks	high
202994	Amazon Linux 2 : gstreamer1-plugins-base (ALAS-2024-2592)	Nessus	Amazon Linux Local Security Checks	high
202982	Amazon Linux 2 : gstreamer-plugins-base (ALAS-2024-2593)	Nessus	Amazon Linux Local Security Checks	high
201176	Fedora 39 : mingw-gstreamer1 / mingw-gstreamer1-plugins-bad-free / etc (2024-919bc7e512)	Nessus	Fedora Local Security Checks	high
200237	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1945-1)	Nessus	SuSE Local Security Checks	high
200076	SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1910-1)	Nessus	SuSE Local Security Checks	high
200073	SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1893-1)	Nessus	SuSE Local Security Checks	high
198299	Debian dsa-5702 : gir1.2-gst-plugins-base-1.0 - security update	Nessus	Debian Local Security Checks	high
198284	SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1886-1)	Nessus	SuSE Local Security Checks	high
198283	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1882-1)	Nessus	SuSE Local Security Checks	high
198164	Debian dla-3824 : gir1.2-gst-plugins-base-1.0 - security update	Nessus	Debian Local Security Checks	high
198070	Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : GStreamer Base Plugins vulnerability (USN-6798-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2024-4453

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high