{
  "threat_severity" : "Important",
  "public_date" : "2024-12-11T18:53:00Z",
  "bugzilla" : {
    "description" : "gstreamer1-plugins-good: OOB-write in convert_to_s334_1a",
    "id" : "2331726",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2331726"
  },
  "cvss3" : {
    "cvss3_base_score" : "9.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-787",
  "details" : [ "GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop condition i * 2 < ccpair_size. Specifically, when ccpair_size is even, the allocated size in storage does not match the loop's expected bounds, resulting in an out-of-bounds write. This bug allows for the overwriting of up to 3 bytes beyond the allocated bounds of the storage array. This vulnerability is fixed in 1.24.10.", "A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution through heap manipulation." ],
  "statement" : "This vulnerability is classified as important severity rather than moderate due to its potential for out-of-bounds memory writes, which are highly exploitable in many scenarios. The discrepancy between the memory allocation and the loop bounds allows overwriting up to 3 bytes beyond the intended storage array, which could corrupt adjacent memory. Depending on the execution context, this could lead to critical security consequences, such as the alteration of control structures, heap corruption, or stack manipulation, opening paths for arbitrary code execution or escalation of privileges.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-12-17T00:00:00Z",
    "advisory" : "RHSA-2024:11299",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "gstreamer1-plugins-good-0:1.16.1-5.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11148",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.2",
    "package" : "gstreamer1-plugins-good-0:1.16.1-2.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11346",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.4",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11346",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.4",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11346",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.4",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11149",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.6",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11149",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.6",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11149",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.6",
    "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "release_date" : "2024-12-18T00:00:00Z",
    "advisory" : "RHSA-2024:11348",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.8",
    "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-12-16T00:00:00Z",
    "advisory" : "RHSA-2024:11122",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "gstreamer1-plugins-good-0:1.22.1-3.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2024-12-17T00:00:00Z",
    "advisory" : "RHSA-2024:11298",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0",
    "package" : "gstreamer1-plugins-good-0:1.18.4-6.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-12-16T00:00:00Z",
    "advisory" : "RHSA-2024:11119",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "gstreamer1-plugins-good-0:1.18.4-7.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2024-12-16T00:00:00Z",
    "advisory" : "RHSA-2024:11121",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "gstreamer1-plugins-good-0:1.22.1-3.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "gstreamer1-plugins-good",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "gstreamer1-plugins-good",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-47539\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-47539\nhttps://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch\nhttps://gstreamer.freedesktop.org/security/sa-2024-0007.html\nhttps://securitylab.github.com/advisories/GHSL-2024-195_Gstreamer/" ],
  "name" : "CVE-2024-47539",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}