admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-47599.md

18 lines
1.0 KiB
Markdown
Raw Permalink Normal View History

Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
### [CVE-2024-47599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47599)
![](https://img.shields.io/static/v1?label=Product&message=gstreamer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.24.10%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brightgreen)
### Description
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/w4zu/Debian_security
Reference in New Issue Copy Permalink