CVE-2024-47778 – This CVE describes an out-of-bounds read vulner... (How to Fix)

Q: What is the severity of CVE-2024-47778?

CVE-2024-47778 has a CVSS score of 7.5 (HIGH). This CVE describes an out-of-bounds read vulnerability in GStreamer's WAV file parser that occurs when processing malformed ADTL chunks. Attackers can exploit this to read up to 4GB of process memory or cause segmentation faults. Any application using vulnerable GStreamer versions to parse WAV files is affected.

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in GStreamer's WAV file parser that occurs when processing malformed ADTL chunks. Attackers can exploit this to read up to 4GB of process memory or cause segmentation faults. Any application using vulnerable GStreamer versions to parse WAV files is affected.

💻 Affected Systems

Products:

GStreamer

Versions: All versions before 1.24.10

Operating Systems: Linux, Windows, macOS, BSD

Default Config Vulnerable: ⚠️ Yes

Notes: Any application using GStreamer's gstwavparse element to process WAV files is vulnerable.

📦 What is this software?

Gstreamer by Gstreamer Project

View all CVEs affecting Gstreamer →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure of sensitive process memory (up to 4GB) or denial of service via application crash.

🟠

Likely Case

Application crash/denial of service when processing malicious WAV files.

🟢

If Mitigated

No impact if patched version is used or WAV parsing is disabled.

🌐 Internet-Facing: MEDIUM - Applications accepting user-uploaded WAV files could be exploited remotely.

🏢 Internal Only: LOW - Requires local file processing or internal network access to malicious files.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires processing a malicious WAV file; no authentication needed for file processing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.24.10

Vendor Advisory: https://gstreamer.freedesktop.org/security/sa-2024-0027.html

Restart Required: Yes

Instructions:

1. Update GStreamer to version 1.24.10 or later
2. Restart all applications using GStreamer
3. Rebuild any applications statically linked to GStreamer

🔧 Temporary Workarounds

Disable WAV parsing

linux

Remove or disable gstwavparse plugin to prevent WAV file processing

mv /usr/lib/gstreamer-1.0/libgstwavparse.so /usr/lib/gstreamer-1.0/libgstwavparse.so.disabled

🧯 If You Can't Patch

Implement strict file upload validation to reject suspicious WAV files
Isolate GStreamer applications in containers with limited memory access

🔍 How to Verify

Check if Vulnerable:

Check GStreamer version: gst-inspect-1.0 --version

Check Version:

gst-inspect-1.0 --version

Verify Fix Applied:

Verify version is 1.24.10 or higher: gst-inspect-1.0 --version | grep -q '1.24.10\|1.24.1[1-9]\|1.2[5-9]'

📡 Detection & Monitoring

Log Indicators:

Segmentation fault (SEGV) errors in application logs
Unexpected memory access patterns in system logs

Network Indicators:

Unusual WAV file uploads to media processing services

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "SIGSEGV") AND process="*gstreamer*"

📊 Metadata

CVE ID: CVE-2024-47778

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-125

Published: December 12, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47778, you might also want to check these: