GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0063-1 advisory.

    - CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
    - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
    - CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
    - CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
    - CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read.
    (boo#1234476)
    - CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads.
    (boo#1234424)
    - CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425)
    - CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer     dereferences. (boo#1234427)
    - CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
    - CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer.
    (boo#1234432)
    - CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
    - CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449)
    - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-     of-bounds writes. (boo#1234449)
    - CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
    - CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads.
    (boo#1234446)
    - CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
    - CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
    - CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
    - CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
    - CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input     files. (boo#1234440)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0064-1 advisory.

    - CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
    - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
    - CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417)
    - CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
    - CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
    - CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read.
    (boo#1234476)
    - CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read.
    (boo#1234477)
    - CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads.
    (boo#1234424)
    - CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425)
    - CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426)
    - CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer     dereferences. (boo#1234427)
    - CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
    - CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer.
    (boo#1234432)
    - CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
    - CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449)
    - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-     of-bounds writes. (boo#1234449)
    - CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
    - CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads.
    (boo#1234446)
    - CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
    - CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
    - CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
    - CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
    - CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input     files. (boo#1234440)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0067-1 advisory.

    - CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
    - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
    - CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417)
    - CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
    - CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
    - CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read.
    (boo#1234476)
    - CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read.
    (boo#1234477)
    - CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads.
    (boo#1234424)
    - CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425)
    - CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426)
    - CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer     dereferences. (boo#1234427)
    - CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
    - CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer.
    (boo#1234432)
    - CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
    - CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449)
    - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-     of-bounds writes. (boo#1234449)
    - CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
    - CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads.
    (boo#1234446)
    - CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
    - CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
    - CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
    - CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
    - CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input     files. (boo#1234440)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0055-1 advisory.

    - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-     of-bounds writes. (boo#1234449)
    - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
    - CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417)
    - CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
    - CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads.
    (boo#1234424)
    - CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425)
    - CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426)
    - CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer     dereferences. (boo#1234427)
    - CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
    - CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer.
    (boo#1234432)
    - CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
    - CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
    - CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
    - CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
    - CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
    - CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input     files. (boo#1234440)
    - CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads.
    (boo#1234446)
    - CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
    - CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
    - CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
    - CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read.
    (boo#1234476)
    - CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read.
    (boo#1234477)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5838 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5838-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     December 29, 2024                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : gst-plugins-good1.0     CVE ID         : CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47543                      CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596                      CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601                      CVE-2024-47602 CVE-2024-47603 CVE-2024-47606 CVE-2024-47613                      CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777                      CVE-2024-47778 CVE-2024-47834

    Multiple vulnerabilities were discovered in plugins for the GStreamer     media framework and its codecs and demuxers, which may result in denial     of service or potentially the execution of arbitrary code if a malformed     media file is opened.

    For the stable distribution (bookworm), these problems have been fixed in     version 1.22.0-5+deb12u2.

    We recommend that you upgrade your gst-plugins-good1.0 packages.

    For the detailed security status of gst-plugins-good1.0 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gst-plugins-good1.0

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7176-1 advisory.

    Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files.
    An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of     service, or possibly execute arbitrary code.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7945c543-b3e8-11ef-b680-4ccc6adda413 advisory.

    The GStreamer Security Center reports:
    Insufficient error handling in the JPEG decoder that can lead to                 NULL-pointer dereferences, and that can cause crashes for certain                 input files.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
213996	SUSE SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2025:0063-1)	Nessus	SuSE Local Security Checks	high
213968	SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2025:0064-1)	Nessus	SuSE Local Security Checks	high
213967	SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2025:0067-1)	Nessus	SuSE Local Security Checks	high
213692	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-good (SUSE-SU-2025:0055-1)	Nessus	SuSE Local Security Checks	high
213415	Debian dsa-5838 : gstreamer1.0-gtk3 - security update	Nessus	Debian Local Security Checks	high
213187	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : GStreamer Good Plugins vulnerabilities (USN-7176-1)	Nessus	Ubuntu Local Security Checks	high
212143	FreeBSD : gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder (7945c543-b3e8-11ef-b680-4ccc6adda413)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2024-47599

medium

Tenable Plugins

high

high

high

high

high

high

high