What is CVE-2024-47540?

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10.

How severe is CVE-2024-47540?

This vulnerability has a severity rating of HIGH with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-47540?

This is classified as CWE-457, which is a common weakness in software security.

CVE-2024-47540 - HIGH Severity | CVSS 9.8

Vulnerability Description

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uninitialized map variable. Then, in the gst_memory_unmap function, the program will attempt to unmap the buffer using the uninitialized map variable, causing a function pointer hijack, as it will jump to mem->allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10.

Related Vulnerabilities

CVE-2021-40418

CRITICAL

CVSS:9.8(Critical)

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed fro...

CWE-4572021

CVE-2022-40510

CRITICAL

CVSS:9.8(Critical)

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

CWE-4572022

CVE-2022-21217

CRITICAL

CVSS:9.1(Critical)

An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to an out-of-bounds write. An at...

CWE-4572022

CVE-2023-6324

HIGH

CVSS:8.8(High)

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity

CWE-4572023

CVE-2024-23159

HIGH

CVSS:8.8(High)

A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can le...

CWE-4572024

CVE-2024-6990

HIGH

CVSS:8.8(High)

Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security se...

CWE-4572024