CVE-2024-47601
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Dec 12, 2024
Updated: Dec 18, 2024
CWE ID 476
Summary
CVE-2024-47601 is a null pointer dereference vulnerability affecting the GStreamer library, specifically the function gst_matroska_demux_parse_blockgroup_or_simpleblock within matroska-demux.c. This issue arises due to insufficient validation of a sub pointer, leading to potential null pointer dereferences. If exploited, this vulnerability could have serious implications, potentially causing application crashes or even enabling remote code execution. The affected version is 1.24.10 and later patches are available to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Gstreamer Project Gstreamer
Affected Vendors
- Gstreamer Project