CVE-2024-49776

6.5 MEDIUM

📋 TL;DR

A negative-size-param vulnerability in tsMuxer allows attackers to cause Denial of Service (DoS) by processing a specially crafted TS video file. This affects users who process untrusted video files with the vulnerable version of tsMuxer. The vulnerability can crash the application, disrupting video processing operations.

💻 Affected Systems

Products:
  • tsMuxer
Versions: nightly-2024-04-05-01-53-02
Operating Systems: All platforms running tsMuxer (Windows, Linux, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where tsMuxer processes TS video files from untrusted sources.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash leading to service disruption, potentially affecting batch processing systems or services relying on tsMuxer for video processing.

🟠 Likely Case

Application crash when processing malicious TS files, causing temporary DoS for individual users or automated processing pipelines.

🟢 If Mitigated

No impact if proper input validation and file sanitization are implemented before processing.

🌐 Internet-Facing: MEDIUM - Only affects systems that process user-uploaded TS video files, which is less common than web application vulnerabilities.
🏢 Internal Only: LOW - Primarily affects video processing workflows; not typically exposed to internal network attacks unless processing untrusted content.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the attacker to provide a crafted TS file to the application, which is straightforward if file upload/processing is allowed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check latest tsMuxer releases after the vulnerability disclosure

Vendor Advisory: https://github.com/justdan96/tsMuxer/issues/862

Restart Required: No

Instructions:

1. Update tsMuxer to the latest version from the official repository.
2. Replace the vulnerable binary with the patched version.
3. No restart needed as it's a standalone application.

🔧 Temporary Workarounds

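Input Validation (all platforms)

Implement file validation before processing TS files with tsMuxer

Sandbox Processing (Linux)

Run tsMuxer in a container or sandboxed environment to limit the impact of crashes. In the command below, tsmuxer-container is a placeholder for an image you build yourself; Docker image names must be lowercase.

docker run --rm -v "$(pwd)":/data tsmuxer-container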
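
One way to implement the Input Validation workaround above, as an added example that is not part of this advisory or of tsMuxer: a structural pre-check of 188-byte MPEG-TS packets that rejects bad sync bytes, truncated packets and adaptation_field_length values that overrun the packet. The advisory does not say which field triggers CVE-2024-49776, so treat this as a general hygiene filter and not a fix. Assumptions: plain 188-byte TS input (192-byte M2TS is out of scope), and make_packet produces constructed sample data.

```python
import sys

TS_PACKET = 188   # transport packet size in ISO/IEC 13818-1
SYNC_BYTE = 0x47


def check_packet(pkt):
    """Return a reason string if the packet is malformed, else None."""
    if len(pkt) != TS_PACKET:
        return "truncated packet"
    if pkt[0] != SYNC_BYTE:
        return "bad sync byte"
    afc = (pkt[3] >> 4) & 0x3            # adaptation_field_control
    if afc == 0:
        return "reserved adaptation_field_control"
    if afc & 0x2:                        # adaptation field present
        af_len = pkt[4]
        # Larger values leave a negative payload size after subtraction.
        if afc == 2 and af_len != 183:
            return f"adaptation_field_length {af_len} != 183"
        if afc == 3 and af_len > 182:
            return f"adaptation_field_length {af_len} > 182"
    return None


def validate_ts(stream):
    """Read a binary stream packet by packet; return [(offset, reason), ...]."""
    problems, off = [], 0
    for pkt in iter(lambda: stream.read(TS_PACKET), b""):
        reason = check_packet(pkt)
        if reason:
            problems.append((off, reason))
        off += len(pkt)
    return problems if off else [(0, "empty file")]


def make_packet(afc, af_len=0):
    """Constructed sample packet (PID 0x100), used only for demonstration."""
    hdr = bytes([SYNC_BYTE, 0x01, 0x00, afc << 4])
    body = bytes([af_len]) + b"\xff" * 183 if afc & 0x2 else b"\xff" * 184
    return hdr + body


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        issues = validate_ts(fh)
    for off, reason in issues:
        print(f"offset {off}: {reason}")
    sys.exit(1 if issues else 0)
```

Run it on each upload and hand the file to tsMuxer only when the exit status is 0.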

🧯 If You Can't Patch

  • Isolate tsMuxer to process only trusted video files from known sources
  • Implement monitoring for application crashes and alert on abnormal patterns

🔍 How to Verify

Check if Vulnerable:

Check tsMuxer version: tsMuxeR --version should show nightly-2024-04-05-01-53-02 or earlier

Check Version:

tsMuxeR --version

Verify Fix Applied:

Update to latest version and verify the version number has changed from the vulnerable version

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from tsMuxer
  • Abnormal termination of tsMuxer processes

Network Indicators:

  • Unusual uploads of TS video files to processing systems

SIEM Query:

process_name="tsMuxeR" AND event_type="crash"
