CVE-2024-47774 | GStreamer up to 1.24.9 gstavisubtitle.c gst_avi_subtitle_parse_gab2_chunk name_length out-of-bounds (GHSL-2024-262)

Posted by Angelo Barbosa | Dec 11, 2024 | CVE

A vulnerability was found in GStreamer up to 1.24.9. It has been rated as problematic. This issue affects the function gst_avi_subtitle_parse_gab2_chunk of the file gstavisubtitle.c. The manipulation of the argument name_length leads to out-of-bounds read.

The identification of this vulnerability is CVE-2024-47774. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47774 | GStreamer up to 1.24.9 gstavisubtitle.c gst_avi_subtitle_parse_gab2_chunk name_length out-of-bounds (GHSL-2024-262)

Related Posts

CVE-2024-30097 | Microsoft Windows up to Server 2022 23H2 Speech Application Programming Interface double free

CVE-2021-46920 | Linux Kernel up to 5.10.31/5.11/5.11.15 idxd information disclosure (a5ad12d5d69c/02981a44a0e4/ea941ac294d7)

CVE-2024-3089 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Manage Ambulance Page manage-ambulance.php del cross-site request forgery

CVE-2024-4916 | Campcodes Online Examination System 1.0 selExamAttemptExe.php thisId sql injection