vulnerability

Red Hat: CVE-2024-47598: gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (Multiple Advisories)

Name: Red Hat: CVE-2024-47598: gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (Multiple Advisories)
Creator: Red Hat
Published: 2024-12-12T00:00:00.000Z
Keywords: CVE, CWE-125, Red Hat, 2024, 47598, gstreamer1, redhat-upgrade-gstreamer1-plugins-good, redhat-upgrade-gstreamer1-plugins-good-debuginfo, redhat-upgrade-gstreamer1-plugins-good-debugsource, redhat-upgrade-gstreamer1-plugins-good-gtk, redhat-upgrade-gstreamer1-plugins-good-gtk-debuginfo, redhat-upgrade-gstreamer1-plugins-good-qt-debuginfo, Severity 4

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:P/A:P)

Published

Dec 12, 2024

Added

May 14, 2025

Modified

Jun 12, 2026

Description

A flaw was found in the GStreamer library. When handling raw audio tracks, out-of-bounds reads in the MP4/MOV demuxer's sample table parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.

Solutions

redhat-upgrade-gstreamer1-plugins-goodredhat-upgrade-gstreamer1-plugins-good-debuginforedhat-upgrade-gstreamer1-plugins-good-debugsourceredhat-upgrade-gstreamer1-plugins-good-gtkredhat-upgrade-gstreamer1-plugins-good-gtk-debuginforedhat-upgrade-gstreamer1-plugins-good-qt-debuginfo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report