Debian Gst-Plugins-Good1.0 vulnerabilities

48 known vulnerabilities affecting debian/gst-plugins-good1.0.

Total CVEs: 48
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 19, MEDIUM 21, LOW 5

Vulnerabilities

Page 2 of 3
CVE-2024-47777 | MEDIUM | CVSS 5.1 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47777 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is sufficient. If the buffer is too small, the function
debian
CVE-2024-47776 | MEDIUM | CVSS 5.1 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47776 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fai
debian
CVE-2024-47834 | MEDIUM | CVSS 5.1 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47834 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_parse_stream function, a data chunk is allocated using gst_ebml_read_binary. L
debian
CVE-2024-47775 | MEDIUM | CVSS 5.1 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47775 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boun
debian
CVE-2024-47544 | MEDIUM | CVSS 6.8 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47544 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10. Scope: local; bookworm: resolved (fixed in 1.22.0-5+deb12u2); bullseye: resolved (fixed in 1.18.4-2+deb11u3); forky: resolved (fixed in 1.24.10-1)
debian
CVE-2024-47545 | MEDIUM | CVSS 6.9 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47545 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happens, the subsequent call to gst_buffer_fill will invoke m
debian
CVE-2024-47603 | MEDIUM | CVSS 6.8 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u2 (bookworm) | 2024
CVE-2024-47603 [MEDIUM]: GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matroska-demux.c. The vulnerability occurs when the gst_caps_is_equal function is called with invalid caps values. If this happens, then in the function gst_buff
debian
CVE-2023-37327 | HIGH | CVSS 8.8 | fixed in gst-plugins-good1.0 1.22.0-5+deb12u1 (bookworm) | 2023
CVE-2023-37327 [HIGH]: GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within
debian
CVE-2022-1920 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1920 [HIGH]: Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. Scope: local; bookworm: resolved (fixed in 1.20.3-1); bullseye: resolved (fixed in 1.18.4-2+deb11u1); forky: resolved (fixed in 1.20.3-1); sid: resolv
debian
CVE-2022-1925 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1925 [HIGH]: DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks. Scope: local
debian
CVE-2022-1924 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1924 [HIGH]: DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses
debian
CVE-2022-1921 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1921 [HIGH]: Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. Scope: local; bookworm: resolved (fixed in 1.20.3-1); bullseye: resolved (fixed in 1.18.4-2+deb11u1); forky: resolved (fixed in 1.20.3-1); sid: resolved (fixed in 1.20.3-1); t
debian
CVE-2022-1923 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1923 [HIGH]: DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc use
debian
CVE-2022-2122 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-2122 [HIGH]: DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. Scope: local; bookworm: resolv
debian
CVE-2022-1922 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.20.3-1 (bookworm) | 2022
CVE-2022-1922 [HIGH]: DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If th
debian
CVE-2021-3497 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.18.4-2 (bookworm) | 2021
CVE-2021-3497 [HIGH]: GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. Scope: local; bookworm: resolved (fixed in 1.18.4-2); bullseye: resolved (fixed in 1.18.4-2); forky: resolved (fixed in 1.18.4-2); sid: resolved (fixed in 1.18.4-2); trixie: resolved (fixed in 1.18.4-2)
debian
CVE-2021-3498 | HIGH | CVSS 7.8 | fixed in gst-plugins-good1.0 1.18.4-2 (bookworm) | 2021
CVE-2021-3498 [HIGH]: GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. Scope: local; bookworm: resolved (fixed in 1.18.4-2); bullseye: resolved (fixed in 1.18.4-2); forky: resolved (fixed in 1.18.4-2); sid: resolved (fixed in 1.18.4-2); trixie: resolved (fixed in 1.18.4-2)
debian
CVE-2017-5841 | LOW | CVSS 7.5 | fixed in gst-plugins-good1.0 1.10.3-1 (bookworm) | 2017
CVE-2017-5841 [HIGH]: The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags. Scope: local; bookworm: resolved (fixed in 1.10.3-1); bullseye: resolved (fixed in 1.10.3-1); forky: resolved (fixed in 1.10.3-1); sid: reso
debian
CVE-2017-5840 | LOW | CVSS 7.5 | fixed in gst-plugins-good1.0 1.10.3-1 (bookworm) | 2017
CVE-2017-5840 [HIGH]: The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index. Scope: local; bookworm: resolved (fixed in 1.10.3-1); bullseye: resolved (fixed in 1.10.3-1); forky: resolved (fixed in 1.10.3-1)
debian
CVE-2017-5845 | LOW | CVSS 7.5 | fixed in gst-plugins-good1.0 1.10.3-1 (bookworm) | 2017
CVE-2017-5845 [HIGH]: The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag. Scope: local; bookworm: resolved (fixed in 1.10.3-1); bullseye: resolved (fixed in 1.10.3-1); forky: resolv
debian