CVE-2024-47545 – This CVE describes an integer underflow vulnera... (How to Fix)

Q: What is the severity of CVE-2024-47545?

CVE-2024-47545 has a CVSS score of 7.5 (HIGH). This CVE describes an integer underflow vulnerability in GStreamer's qtdemux component that can lead to out-of-bounds memory reads. Attackers could exploit this by crafting malicious media files to cause crashes or potentially leak sensitive memory contents. Any application using vulnerable GStreamer versions for media processing is affected.

📋 TL;DR

This CVE describes an integer underflow vulnerability in GStreamer's qtdemux component that can lead to out-of-bounds memory reads. Attackers could exploit this by crafting malicious media files to cause crashes or potentially leak sensitive memory contents. Any application using vulnerable GStreamer versions for media processing is affected.

💻 Affected Systems

Products:

GStreamer
Applications using GStreamer library

Versions: GStreamer versions before 1.24.10

Operating Systems: Linux, Windows, macOS, BSD

Default Config Vulnerable: ⚠️ Yes

Notes: Any application using GStreamer's qtdemux component to parse MP4/QuickTime files is vulnerable

📦 What is this software?

Gstreamer by Gstreamer Project

View all CVEs affecting Gstreamer →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution or sensitive information disclosure through memory corruption and OOB reads

🟠

Likely Case

Application crashes (denial of service) when processing malicious media files

🟢

If Mitigated

Limited to denial of service if memory protections prevent code execution

🌐 Internet-Facing: MEDIUM - Requires processing attacker-controlled media files, but many web/media servers use GStreamer

🏢 Internal Only: LOW - Requires users to open malicious media files internally

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting malicious media files; no public exploit code available yet

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.24.10

Vendor Advisory: https://gstreamer.freedesktop.org/security/sa-2024-0010.html

Restart Required: Yes

Instructions:

1. Update GStreamer to version 1.24.10 or later. 2. Restart all applications using GStreamer. 3. Rebuild any applications statically linked to GStreamer.

🔧 Temporary Workarounds

Disable qtdemux parsing

linux

Prevent processing of MP4/QuickTime files by disabling or removing qtdemux plugin

gst-inspect-1.0 --plugins | grep qtdemux
rm /usr/lib/gstreamer-1.0/libgstqtdemux.so

🧯 If You Can't Patch

Implement strict input validation for media files from untrusted sources
Run GStreamer applications in sandboxed/containerized environments with limited privileges

🔍 How to Verify

Check if Vulnerable:

Check GStreamer version: gst-inspect-1.0 --version

Check Version:

gst-inspect-1.0 --version

Verify Fix Applied:

Verify version is 1.24.10 or higher: gst-inspect-1.0 --version | grep -E '1\.24\.(1[0-9]|[2-9][0-9])|1\.2[5-9]|1\.[3-9]'

📡 Detection & Monitoring

Log Indicators:

Application crashes with segmentation faults
Memory access violation errors in logs
Failed media file parsing

Network Indicators:

Unusual media file uploads to servers
Multiple failed media processing requests

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "SIGSEGV" OR "memory violation") AND process="gst*"

📊 Metadata

CVE ID: CVE-2024-47545

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-191

Published: December 12, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47545, you might also want to check these: