ALSA-2024:11123
- Source
- https://errata.almalinux.org/9/ALSA-2024-11123.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:11123.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ALSA-2024:11123
- Related
- Published
- 2024-12-16T00:00:00Z
- Modified
- 2024-12-23T08:19:57Z
- Summary
- Important: gstreamer1-plugins-base security update
- Details
-
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.
Security Fix(es):
- gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbishandleidentification_packet (CVE-2024-47538)
- gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)
- gstreamer1-plugins-base: stack-buffer overflow in gstopusdecparseheader (CVE-2024-47607)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2024:11123
- https://access.redhat.com/security/cve/CVE-2024-47538
- https://access.redhat.com/security/cve/CVE-2024-47607
- https://access.redhat.com/security/cve/CVE-2024-47615
- https://bugzilla.redhat.com/2331727
- https://bugzilla.redhat.com/2331740
- https://bugzilla.redhat.com/2331754
- https://errata.almalinux.org/9/ALSA-2024-11123.html
Affected packages
AlmaLinux:9 / gstreamer1-plugins-base
Package
- Name
- gstreamer1-plugins-base
- Purl
- pkg:rpm/almalinux/gstreamer1-plugins-base
AlmaLinux:9 / gstreamer1-plugins-base-devel
Package
- Name
- gstreamer1-plugins-base-devel
- Purl
- pkg:rpm/almalinux/gstreamer1-plugins-base-devel