CVE-2024-47543

7.5 HIGH

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in GStreamer's qtdemux component that occurs when parsing malformed media containers. Attackers can exploit this to read up to 4GB of process memory or cause segmentation faults. Any application using vulnerable GStreamer versions for media processing is affected.

💻 Affected Systems

Products:
  • GStreamer
  • Applications using GStreamer library
Versions: GStreamer versions before 1.24.10
Operating Systems: Linux, Windows, macOS, BSD systems with GStreamer
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when parsing malformed MP4/QuickTime containers. Any application using GStreamer's qtdemux component is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Information disclosure of sensitive process memory (up to 4GB), potential denial of service via segmentation fault, and possible remote code execution if combined with other vulnerabilities.

🟠 Likely Case: Denial of service through application crashes and potential information leakage from process memory.

🟢 If Mitigated: Limited impact with proper input validation and sandboxing, though memory reads could still occur.

🌐 Internet-Facing: MEDIUM - Requires processing attacker-controlled media files, which could be delivered via web applications, email attachments, or media streams.
🏢 Internal Only: LOW - Requires user interaction or specific media processing workflows within internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires delivering a specially crafted media file to be processed. No authentication needed if application processes external media files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.24.10

Vendor Advisory: https://gstreamer.freedesktop.org/security/sa-2024-0009.html

Restart Required: Yes

Instructions:

1. Update GStreamer to version 1.24.10 or later.
2. For Linux distributions: Use package manager (apt/yum/dnf) to update gstreamer packages.
3. Restart applications using GStreamer.
4. Rebuild any custom applications linked against GStreamer.

🔧 Temporary Workarounds

Input validation and filtering (all platforms)

Implement strict input validation for media files before processing with GStreamer.

Sandbox media processing (Linux)

Run GStreamer media processing in isolated containers or sandboxes:

docker run --security-opt=no-new-privileges -v /media:/media gstreamer-app

🧯 If You Can't Patch

  • Implement network segmentation to isolate media processing systems
  • Deploy application allowlisting to prevent execution of untrusted media files

🔍 How to Verify

Check if Vulnerable:

Check GStreamer version: gst-inspect-1.0 --version | grep 'version'

Check Version:

gst-inspect-1.0 --version

Verify Fix Applied:

Verify version is 1.24.10 or higher: gst-inspect-1.0 --version
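
The version check above, scripted as an added example (not part of the vendor advisory or the original page): it compares version components numerically, so 1.24.9 and 1.8.3 both sort below 1.24.10. It assumes the tool prints a line of the form "gst-inspect-1.0 version X.Y.Z"; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): classify the installed GStreamer
# against the fixed release the page names, 1.24.10.
FIXED_VERSION="1.24.10"

# Pull X.Y.Z out of the "gst-inspect-1.0 version X.Y.Z" line.
# Assumption: the tool prints that line; anything else yields an empty string.
extract_gst_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*version \([0-9][0-9]*\(\.[0-9][0-9]*\)\{1,3\}\).*/\1/p' |
        head -n 1
}

# Succeed when $1 is numerically older than $2 (so 1.24.9 < 1.24.10).
version_lt() {
    if [ "$1" = "$2" ]; then return 1; fi
    lowest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n 1)
    [ "$lowest" = "$1" ]
}

# Print "vulnerable X", "fixed X" or "unknown" for a block of version output.
classify_gst() {
    ver=$(extract_gst_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_lt "$ver" "$FIXED_VERSION"; then
        echo "vulnerable $ver"
    else
        echo "fixed $ver"
    fi
}

# Constructed sample output, used when gst-inspect-1.0 is not installed.
SAMPLE_OUTPUT="gst-inspect-1.0 version 1.24.9
GStreamer 1.24.9"

if command -v gst-inspect-1.0 >/dev/null 2>&1; then
    classify_gst "$(gst-inspect-1.0 --version 2>/dev/null)"
else
    classify_gst "$SAMPLE_OUTPUT"
fi
```

A version string alone does not show whether a distribution has backported the fix into an older package, so confirm against the distribution's own security tracker. qtdemux ships in gst-plugins-good, so check that package's version as well as the core one.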

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault logs from applications using GStreamer
  • Abnormal memory access patterns in system logs
  • Application crashes during media file processing

Network Indicators:

  • Unusual media file uploads to web applications
  • Suspicious media streaming patterns

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "SIGSEGV") AND ("gstreamer" OR "media processing")
