All posts by ISHACK AI BOT
-
Apple Safari security update for CVE-2024-44212
Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 12/12/2024 | Created: 12/13/2024 | Added: 12/12/2024 | Modified: 01/28/2025
Description: A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.
Solution(s): apple-safari-upgrade-18_1, apple-safari-windows-uninstall
References: https://attackerkb.com/topics/cve-2024-44212, CVE-2024-44212, http://support.apple.com/en-us/121571
-
Debian: CVE-2024-47540: gst-plugins-good1.0 -- security update
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 01/01/2025 | Added: 12/31/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uninitialized map variable. Then, in the gst_memory_unmap function, the program will attempt to unmap the buffer using the uninitialized map variable, causing a function pointer hijack, as it will jump to mem->allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10.
Solution(s): debian-upgrade-gst-plugins-good1-0
References: https://attackerkb.com/topics/cve-2024-47540, CVE-2024-47540, DSA-5838-1
-
OS X update for Siri (CVE-2024-44200)
Severity: 2 | CVSS: (AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published: 12/12/2024 | Created: 12/13/2024 | Added: 12/12/2024 | Modified: 01/28/2025
Description: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to read sensitive location information.
Solution(s): apple-osx-upgrade-15_1
References: https://attackerkb.com/topics/cve-2024-44200, CVE-2024-44200, https://support.apple.com/en-us/121564
-
Ubuntu: USN-7176-1 (CVE-2024-47543): GStreamer Good Plugins vulnerabilities
Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_parse_container function within qtdemux.c. In the parent function qtdemux_parse_node, the value of length is not well checked. So, if length is big enough, it causes the pointer end to point beyond the boundaries of buffer. Subsequently, in the qtdemux_parse_container function, the while loop can trigger an OOB-read, accessing memory beyond the bounds of buf. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10.
Solution(s): ubuntu-upgrade-gstreamer1-0-gtk3, ubuntu-upgrade-gstreamer1-0-plugins-good, ubuntu-upgrade-gstreamer1-0-pulseaudio, ubuntu-upgrade-gstreamer1-0-qt5, ubuntu-upgrade-gstreamer1-0-qt6, ubuntu-upgrade-libgstreamer-plugins-good1-0-0
References: https://attackerkb.com/topics/cve-2024-47543, CVE-2024-47543, USN-7176-1
-
Ubuntu: (CVE-2024-54534): webkit2gtk vulnerability
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 01/08/2025 | Added: 01/07/2025 | Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
Solution(s): ubuntu-upgrade-webkit2gtk
References: https://attackerkb.com/topics/cve-2024-54534, CVE-2024-54534, https://www.cve.org/CVERecord?id=CVE-2024-54534
-
OS X update for AppleMobileFileIntegrity (CVE-2024-54527)
Severity: 5 | CVSS: (AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published: 12/12/2024 | Created: 12/13/2024 | Added: 12/12/2024 | Modified: 01/28/2025
Description: This issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access sensitive user data.
Solution(s): apple-osx-upgrade-13_7_2, apple-osx-upgrade-14_7_2, apple-osx-upgrade-15_2
References: https://attackerkb.com/topics/cve-2024-54527, CVE-2024-54527, https://support.apple.com/en-us/121839, https://support.apple.com/en-us/121840, https://support.apple.com/en-us/121842
-
Red Hat: CVE-2024-47615: gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 02/11/2025 | Added: 02/10/2025 | Modified: 02/10/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed the fixed size of the pad->vorbis_mode_sizes array (whose size is 256). When this happens, the for loop overwrites the entire pad structure with 0s and 1s, affecting adjacent memory as well. This OOB-write can overwrite up to 380 bytes of memory beyond the boundaries of the pad->vorbis_mode_sizes array. This vulnerability is fixed in 1.24.10.
Solution(s): redhat-upgrade-gstreamer1-plugins-base, redhat-upgrade-gstreamer1-plugins-base-debuginfo, redhat-upgrade-gstreamer1-plugins-base-debugsource, redhat-upgrade-gstreamer1-plugins-base-devel, redhat-upgrade-gstreamer1-plugins-base-tools, redhat-upgrade-gstreamer1-plugins-base-tools-debuginfo
References: CVE-2024-47615, RHSA-2024:11117, RHSA-2024:11118, RHSA-2024:11123, RHSA-2024:11142, RHSA-2024:11345
-
Ubuntu: USN-7176-1 (CVE-2024-47601): GStreamer Good Plugins vulnerabilities
Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer *sub pointer before performing dereferences. As a result, null pointer dereferences may occur. This vulnerability is fixed in 1.24.10.
Solution(s): ubuntu-upgrade-gstreamer1-0-gtk3, ubuntu-upgrade-gstreamer1-0-plugins-good, ubuntu-upgrade-gstreamer1-0-pulseaudio, ubuntu-upgrade-gstreamer1-0-qt5, ubuntu-upgrade-gstreamer1-0-qt6, ubuntu-upgrade-libgstreamer-plugins-good1-0-0
References: https://attackerkb.com/topics/cve-2024-47601, CVE-2024-47601, USN-7176-1
-
Alma Linux: CVE-2024-54502: Important: webkit2gtk3 security update (Multiple Advisories)
Severity: 7 | CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 01/14/2025 | Added: 01/13/2025 | Modified: 01/28/2025
Description: The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Solution(s): alma-upgrade-webkit2gtk3, alma-upgrade-webkit2gtk3-devel, alma-upgrade-webkit2gtk3-jsc, alma-upgrade-webkit2gtk3-jsc-devel
References: https://attackerkb.com/topics/cve-2024-54502, CVE-2024-54502, https://errata.almalinux.org/8/ALSA-2025-0145.html, https://errata.almalinux.org/9/ALSA-2025-0146.html
-
Debian: CVE-2024-47596: gst-plugins-good1.0 -- security update
Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 01/01/2025 | Added: 12/31/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10.
Solution(s): debian-upgrade-gst-plugins-good1-0
References: https://attackerkb.com/topics/cve-2024-47596, CVE-2024-47596, DSA-5838-1
-
Alma Linux: CVE-2024-47606: Important: gstreamer1-plugins-good security update (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/30/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the 'slice_size' variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem->allocator->mem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10.
Solution(s): alma-upgrade-gstreamer1-plugins-good, alma-upgrade-gstreamer1-plugins-good-gtk
References: https://attackerkb.com/topics/cve-2024-47606, CVE-2024-47606, https://errata.almalinux.org/8/ALSA-2024-11299.html, https://errata.almalinux.org/9/ALSA-2024-11122.html
-
Debian: CVE-2024-54508: webkit2gtk, wpewebkit -- security update
Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 12/28/2024 | Added: 12/27/2024 | Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Solution(s): debian-upgrade-webkit2gtk, debian-upgrade-wpewebkit
References: https://attackerkb.com/topics/cve-2024-54508, CVE-2024-54508, DSA-5835-1
-
Ubuntu: USN-7176-1 (CVE-2024-47597): GStreamer Good Plugins vulnerabilities
Severity: 9 | CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function qtdemux_parse_samples reads data beyond the boundaries of the stream->stco buffer. The following code snippet shows the call to qt_atom_parser_get_offset_unchecked, which leads to the OOB-read when parsing the provided GHSL-2024-245_crash1.mp4 file. This issue may lead to reading up to 8 bytes out-of-bounds. This vulnerability is fixed in 1.24.10.
Solution(s): ubuntu-upgrade-gstreamer1-0-gtk3, ubuntu-upgrade-gstreamer1-0-plugins-good, ubuntu-upgrade-gstreamer1-0-pulseaudio, ubuntu-upgrade-gstreamer1-0-qt5, ubuntu-upgrade-gstreamer1-0-qt6, ubuntu-upgrade-libgstreamer-plugins-good1-0-0
References: https://attackerkb.com/topics/cve-2024-47597, CVE-2024-47597, USN-7176-1
-
Red Hat: CVE-2024-54505: webkit: Processing maliciously crafted web content may lead to memory corruption (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 01/11/2025 | Added: 01/10/2025 | Modified: 01/15/2025
Description: A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
Solution(s): redhat-upgrade-webkit2gtk3, redhat-upgrade-webkit2gtk3-debuginfo, redhat-upgrade-webkit2gtk3-debugsource, redhat-upgrade-webkit2gtk3-devel, redhat-upgrade-webkit2gtk3-devel-debuginfo, redhat-upgrade-webkit2gtk3-jsc, redhat-upgrade-webkit2gtk3-jsc-debuginfo, redhat-upgrade-webkit2gtk3-jsc-devel, redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo
References: CVE-2024-54505, RHSA-2025:0145, RHSA-2025:0146, RHSA-2025:0226, RHSA-2025:0279, RHSA-2025:0282
-
Debian: CVE-2024-47777: gst-plugins-good1.0 -- security update
Severity: 9 | CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 12/12/2024 | Created: 01/01/2025 | Added: 12/31/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is sufficient. If the buffer is too small, the function reads beyond its bounds. This vulnerability may result in reading 4 bytes out of the boundaries of the data buffer. This vulnerability is fixed in 1.24.10.
Solution(s): debian-upgrade-gst-plugins-good1-0
References: https://attackerkb.com/topics/cve-2024-47777, CVE-2024-47777, DSA-5838-1
-
Apple Safari security update for CVE-2024-44246
Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 12/12/2024 | Created: 12/13/2024 | Added: 12/12/2024 | Modified: 01/28/2025
Description: The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website.
Solution(s): apple-safari-upgrade-18_2, apple-safari-windows-uninstall
References: https://attackerkb.com/topics/cve-2024-44246, CVE-2024-44246, http://support.apple.com/en-us/121846
-
Alma Linux: CVE-2024-47613: Important: gstreamer1-plugins-good security update (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix` is expected to point to frame 0 of the frame structure, which is read from the input file. However, in certain situations, it can point to a NULL frame, causing the subsequent call to `memcpy` to attempt writing to the null address (0x00), leading to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.
Solution(s): alma-upgrade-gstreamer1-plugins-good, alma-upgrade-gstreamer1-plugins-good-gtk
References: https://attackerkb.com/topics/cve-2024-47613, CVE-2024-47613, https://errata.almalinux.org/8/ALSA-2024-11299.html, https://errata.almalinux.org/9/ALSA-2024-11122.html
-
Ubuntu: USN-7176-1 (CVE-2024-47539): GStreamer Good Plugins vulnerabilities
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/30/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop condition i * 2 < ccpair_size. Specifically, when ccpair_size is even, the allocated size in storage does not match the loop's expected bounds, resulting in an out-of-bounds write. This bug allows for the overwriting of up to 3 bytes beyond the allocated bounds of the storage array. This vulnerability is fixed in 1.24.10.
Solution(s): ubuntu-upgrade-gstreamer1-0-gtk3, ubuntu-upgrade-gstreamer1-0-plugins-good, ubuntu-upgrade-gstreamer1-0-pulseaudio, ubuntu-upgrade-gstreamer1-0-qt5, ubuntu-upgrade-gstreamer1-0-qt6, ubuntu-upgrade-libgstreamer-plugins-good1-0-0
References: https://attackerkb.com/topics/cve-2024-47539, CVE-2024-47539, USN-7176-1
-
Amazon Linux AMI 2: CVE-2024-47537: Security patch for gstreamer1-plugins-good (ALAS-2025-2748)
Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 12/12/2024 | Created: 02/05/2025 | Added: 02/05/2025 | Modified: 02/05/2025
Description: GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file, and if this value is big enough, it can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.
Solution(s): amazon-linux-ami-2-upgrade-gstreamer1-plugins-good, amazon-linux-ami-2-upgrade-gstreamer1-plugins-good-debuginfo, amazon-linux-ami-2-upgrade-gstreamer1-plugins-good-gtk
References: https://attackerkb.com/topics/cve-2024-47537, AL2/ALAS-2025-2748, CVE-2024-47537
-
Alma Linux: CVE-2024-47540: Important: gstreamer1-plugins-good security update (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uninitialized map variable. Then, in the gst_memory_unmap function, the program will attempt to unmap the buffer using the uninitialized map variable, causing a function pointer hijack, as it will jump to mem->allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10.
Solution(s): alma-upgrade-gstreamer1-plugins-good, alma-upgrade-gstreamer1-plugins-good-gtk
References: https://attackerkb.com/topics/cve-2024-47540, CVE-2024-47540, https://errata.almalinux.org/8/ALSA-2024-11299.html, https://errata.almalinux.org/9/ALSA-2024-11122.html
-
Amazon Linux AMI 2: CVE-2024-47607: Security patch for gstreamer1-plugins-base (ALAS-2025-2747)
Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 12/12/2024 | Created: 02/05/2025 | Added: 02/05/2025 | Modified: 02/05/2025
Description: GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c`. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This bug allows overwriting the EIP address allocated in the stack. This vulnerability is fixed in 1.24.10.
Solution(s): amazon-linux-ami-2-upgrade-gstreamer1-plugins-base, amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-debuginfo, amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-devel, amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-tools
References: https://attackerkb.com/topics/cve-2024-47607, AL2/ALAS-2025-2747, CVE-2024-47607
-
Microsoft Edge Chromium: CVE-2024-12382 Use after free in Translate
Severity: 9 | CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/14/2024 | Added: 12/13/2024 | Modified: 01/28/2025
Description: Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): microsoft-edge-upgrade-latest
References: https://attackerkb.com/topics/cve-2024-12382, CVE-2024-12382, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-12382
-
Alma Linux: CVE-2024-54508: Important: webkit2gtk3 security update (Multiple Advisories)
Severity: 8 | CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 12/12/2024 | Created: 01/14/2025 | Added: 01/13/2025 | Modified: 01/28/2025
Description: The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Solution(s): alma-upgrade-webkit2gtk3, alma-upgrade-webkit2gtk3-devel, alma-upgrade-webkit2gtk3-jsc, alma-upgrade-webkit2gtk3-jsc-devel
References: https://attackerkb.com/topics/cve-2024-54508, CVE-2024-54508, https://errata.almalinux.org/8/ALSA-2025-0145.html, https://errata.almalinux.org/9/ALSA-2025-0146.html
-
Debian: CVE-2024-47776: gst-plugins-good1.0 -- security update
Severity: 9 | CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 12/12/2024 | Created: 01/01/2025 | Added: 12/31/2024 | Modified: 01/28/2025
Description: GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
Solution(s): debian-upgrade-gst-plugins-good1-0
References: https://attackerkb.com/topics/cve-2024-47776, CVE-2024-47776, DSA-5838-1
-
Alma Linux: CVE-2024-47607: Important: gstreamer1-plugins-base security update (Multiple Advisories)
Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 12/12/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 01/30/2025
Description: GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c`. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This bug allows overwriting the EIP address allocated in the stack. This vulnerability is fixed in 1.24.10.
Solution(s): alma-upgrade-gstreamer1-plugins-base, alma-upgrade-gstreamer1-plugins-base-devel, alma-upgrade-gstreamer1-plugins-base-tools
References: https://attackerkb.com/topics/cve-2024-47607, CVE-2024-47607, https://errata.almalinux.org/8/ALSA-2024-11345.html, https://errata.almalinux.org/9/ALSA-2024-11123.html