GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed the fixed size of the pad->vorbis_mode_sizes array (which size is 256). When this happens, the for loop overwrites the entire pad structure with 0s and 1s, affecting adjacent memory as well. This OOB-write can overwrite up to 380 bytes of memory beyond the boundaries of the pad->vorbis_mode_sizes array. This vulnerability is fixed in 1.24.10.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11123 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11130 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11141 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11142 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11117 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11120 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11118 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11143 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet     (CVE-2024-47538)

    * gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)

    * gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-11123 advisory.

    [1.22.1-3]
    - Fixes for CVE-2024-47538, CVE-2024-47607, CVE-2024-47615       Resolves: RHEL-70979, RHEL-71015, RHEL-70991

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5831 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5831-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     December 14, 2024                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : gst-plugins-base1.0     CVE ID         : CVE-2024-47538 CVE-2024-47541 CVE-2024-47600                      CVE-2024-47607 CVE-2024-47615 CVE-2024-47835

    Multiple multiple vulnerabilities were discovered in plugins for the     GStreamer media framework and its codecs and demuxers, which may result     in denial of service or potentially the execution of arbitrary code if     a malformed media file is opened.

    For the stable distribution (bookworm), these problems have been fixed in     version 1.22.0-3+deb12u3.

    We recommend that you upgrade your gst-plugins-base1.0 packages.

    For the detailed security status of gst-plugins-base1.0 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gst-plugins-base1.0

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b34ddf7-b3e8-11ef-b680-4ccc6adda413 advisory.

    The GStreamer Security Center reports:
    An out-of-bounds write in the Ogg demuxer that can cause crashes                 for certain input files.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
213127	RHEL 9 : gstreamer1-plugins-base (RHSA-2024:11123)	Nessus	Red Hat Local Security Checks	high
213126	RHEL 8 : gstreamer1-plugins-base (RHSA-2024:11130)	Nessus	Red Hat Local Security Checks	high
213116	RHEL 8 : gstreamer1-plugins-base (RHSA-2024:11141)	Nessus	Red Hat Local Security Checks	high
213112	RHEL 8 : gstreamer1-plugins-base (RHSA-2024:11142)	Nessus	Red Hat Local Security Checks	high
213110	RHEL 9 : gstreamer1-plugins-base (RHSA-2024:11117)	Nessus	Red Hat Local Security Checks	high
213106	RHEL 9 : gstreamer1-plugins-base (RHSA-2024:11120)	Nessus	Red Hat Local Security Checks	high
213105	RHEL 9 : gstreamer1-plugins-base (RHSA-2024:11118)	Nessus	Red Hat Local Security Checks	high
213104	RHEL 8 : gstreamer1-plugins-base (RHSA-2024:11143)	Nessus	Red Hat Local Security Checks	high
213053	Oracle Linux 9 : gstreamer1-plugins-base (ELSA-2024-11123)	Nessus	Oracle Linux Local Security Checks	high
213023	Debian dsa-5831 : gir1.2-gst-plugins-base-1.0 - security update	Nessus	Debian Local Security Checks	high
212145	FreeBSD : gstreamer1-plugins-ogg -- Out-of-bounds write in Ogg demuxer (7b34ddf7-b3e8-11ef-b680-4ccc6adda413)	Nessus	FreeBSD Local Security Checks	critical

Detections

Analytics

CVE-2024-47615

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

critical