Alpine: multiple gst-plugins-good packages: security update to 1.24.10-r0

high Tenable Self-Hosted Container Security Plugin ID 427318

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference
vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function
invokes `memcpy`, using `out_pix` as the destination address. `out_pix` is expected to point to the frame
0 from the frame structure, which is read from the input file. However, in certain situations, it can
points to a NULL frame, causing the subsequent call to `memcpy` to attempt writing to the null address
(0x00), leading to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS)
by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10. (CVE-2024-47613)

- GStreamer is a library for constructing graphs of media-handling components. The program attempts to
reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count
elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this
value is big enough, this can lead to an integer overflow during the addition. As a consequence,
g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following
this, the program iterates through samples_count elements and attempts to write samples_count number of
elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This
vulnerability is fixed in 1.24.10. (CVE-2024-47537)

- GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write
vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability
arises due to a discrepancy between the size of memory allocated to the storage array and the loop
condition i * 2 < ccpair_size. Specifically, when ccpair_size is even, the allocated size in storage does
not match the loop's expected bounds, resulting in an out-of-bounds write. This bug allows for the
overwriting of up to 3 bytes beyond the allocated bounds of the storage array. This vulnerability is fixed
in 1.24.10. (CVE-2024-47539)

- GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack
variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within
matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uninitialized map variable.
Then, in the gst_memory_unmap function, the program will attempt to unmap the buffer using the
uninitialized map variable, causing a function pointer hijack, as it will jump to
mem->allocator->mem_unmap_full or mem->allocator->mem_unmap. This vulnerability could allow an attacker to
hijack the execution flow, potentially leading to code execution. This vulnerability is fixed in 1.24.10.
(CVE-2024-47540)

- GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has
been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function
qtdemux_parse_node, the value of length is not well checked. So, if length is big enough, it causes the
pointer end to point beyond the boundaries of buffer. Subsequently, in the qtdemux_parse_container
function, the while loop can trigger an OOB-read, accessing memory beyond the bounds of buf. This
vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation
fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. (CVE-2024-47543)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-47537

https://security.alpinelinux.org/vuln/CVE-2024-47539

https://security.alpinelinux.org/vuln/CVE-2024-47540

https://security.alpinelinux.org/vuln/CVE-2024-47543

https://security.alpinelinux.org/vuln/CVE-2024-47544

https://security.alpinelinux.org/vuln/CVE-2024-47545

https://security.alpinelinux.org/vuln/CVE-2024-47546

https://security.alpinelinux.org/vuln/CVE-2024-47596

https://security.alpinelinux.org/vuln/CVE-2024-47597

https://security.alpinelinux.org/vuln/CVE-2024-47598

https://security.alpinelinux.org/vuln/CVE-2024-47599

https://security.alpinelinux.org/vuln/CVE-2024-47601

https://security.alpinelinux.org/vuln/CVE-2024-47602

https://security.alpinelinux.org/vuln/CVE-2024-47603

https://security.alpinelinux.org/vuln/CVE-2024-47606

https://security.alpinelinux.org/vuln/CVE-2024-47613

https://security.alpinelinux.org/vuln/CVE-2024-47774

https://security.alpinelinux.org/vuln/CVE-2024-47775

https://security.alpinelinux.org/vuln/CVE-2024-47776

https://security.alpinelinux.org/vuln/CVE-2024-47777

https://security.alpinelinux.org/vuln/CVE-2024-47778

https://security.alpinelinux.org/vuln/CVE-2024-47834

Plugin Details

Severity: High

ID: 427318

Version: Revision 1.3

Type: Local

Published: 5/16/2025

Updated: 12/4/2025

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 97.07

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-47613

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.6

Threat Score: 6.1

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 12/6/2024

Reference Information

CVE: CVE-2024-47537, CVE-2024-47539, CVE-2024-47540, CVE-2024-47543, CVE-2024-47544, CVE-2024-47545, CVE-2024-47546, CVE-2024-47596, CVE-2024-47597, CVE-2024-47598, CVE-2024-47599, CVE-2024-47601, CVE-2024-47602, CVE-2024-47603, CVE-2024-47606, CVE-2024-47613, CVE-2024-47774, CVE-2024-47775, CVE-2024-47776, CVE-2024-47777, CVE-2024-47778, CVE-2024-47834