CVE-2024-47774

9.1 CRITICAL

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in GStreamer's subtitle parsing function. Attackers could exploit this to read sensitive memory contents or potentially cause denial of service. Any application using vulnerable GStreamer versions for media processing is affected.

💻 Affected Systems

Products:
  • GStreamer
Versions: All versions before 1.24.10
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using GStreamer to parse AVI files with subtitles is vulnerable. This includes media players, video editors, and multimedia applications.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure through memory reading, potential remote code execution if combined with other vulnerabilities, or application crash leading to denial of service.

🟠 Likely Case

Application crash causing denial of service, or information leakage from process memory.

🟢 If Mitigated

Limited impact if proper memory protections (ASLR, DEP) are enabled, though information disclosure remains possible.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a malicious AVI file with subtitle chunks. The vulnerability is triggered during file parsing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.24.10

Vendor Advisory: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043.patch

Restart Required: Yes

Instructions:

1. Identify GStreamer version using 'gst-launch-1.0 --version'
2. Update to version 1.24.10 or later using your package manager
3. Restart all applications using GStreamer
4. Verify the update with 'gst-launch-1.0 --version'

🔧 Temporary Workarounds

Disable AVI subtitle parsing (all platforms)

Configure applications to disable AVI subtitle processing if not needed. Application-specific configuration required.

Input validation (all platforms)

Implement file type validation and sanitization before passing to GStreamer. Implement custom file validation in application code.
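One way to implement the input-validation workaround, as an added example that is not code from GStreamer or from this advisory: a pre-filter that walks the RIFF chunk tree and rejects AVI files that are structurally malformed or that declare a text stream. It assumes subtitle streams are declared with the `txts` stream-header type defined by the AVI format; the function names and the sample bytes are constructed for illustration.

```python
import struct

CONTAINERS = {b"RIFF", b"LIST"}  # payload = 4-byte list type + nested chunks

def _stream_types(buf, pos, end, depth=0):
    """Yield the fccType of every 'strh' stream header between pos and end."""
    if depth > 8:
        raise ValueError("chunk nesting too deep")
    while pos < end:
        if end - pos < 8:
            raise ValueError("truncated chunk header")
        fourcc, size = struct.unpack_from("<4sI", buf, pos)
        body, body_end = pos + 8, pos + 8 + size
        if body_end > end:
            raise ValueError("chunk size exceeds its parent")
        if fourcc in CONTAINERS:
            if size < 4:
                raise ValueError("container chunk too small")
            yield from _stream_types(buf, body + 4, body_end, depth + 1)
        elif fourcc == b"strh":
            if size < 4:
                raise ValueError("short stream header")
            yield buf[body:body + 4]
        pos = body_end + (size & 1)  # RIFF chunks are padded to even length

def check_avi(buf):
    """Return 'not-avi', 'reject' or 'allow' for one file's bytes."""
    if len(buf) < 12 or buf[:4] != b"RIFF" or buf[8:12] != b"AVI ":
        return "not-avi"
    try:
        types = list(_stream_types(buf, 0, len(buf)))
    except ValueError:
        return "reject"  # fail closed on any structural inconsistency
    return "reject" if any(t.lower() == b"txts" for t in types) else "allow"

def _chunk(fourcc, payload):
    pad = b"\0" if len(payload) & 1 else b""
    return fourcc + struct.pack("<I", len(payload)) + payload + pad

def sample_avi(stream_fcc):
    """Constructed AVI skeleton (headers only) with one stream of the given type."""
    strl = _chunk(b"LIST", b"strl" + _chunk(b"strh", stream_fcc + b"\0" * 52))
    hdrl = _chunk(b"LIST", b"hdrl" + strl)
    return _chunk(b"RIFF", b"AVI " + hdrl)
```

Files that return `reject` should be quarantined rather than handed to the GStreamer pipeline; the filter reduces exposure but is not a substitute for updating to 1.24.10.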

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems
  • Use application allowlisting to restrict which applications can process media files

🔍 How to Verify

Check if Vulnerable:

Check GStreamer version with 'gst-launch-1.0 --version' and compare to 1.24.10

Check Version:

gst-launch-1.0 --version

Verify Fix Applied:

Verify version is 1.24.10 or higher with 'gst-launch-1.0 --version'

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing AVI files
  • Memory access violation errors in application logs
  • Unexpected process termination

Network Indicators:

  • Unusual AVI file transfers to media processing systems

SIEM Query:

(Process:gst* AND (EventID:1000 OR EventID:1001)) OR (FileExtension:avi AND Process:gst*)
