Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header
Vulnerability Description
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This bug allows to overwrite the EIP address allocated in the stack. This vulnerability is fixed in 1.24.10.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
GStreamer 安全漏洞
Vulnerability Description
GStreamer是GStreamer开源的一套用于处理流媒体的框架。 GStreamer存在安全漏洞,该漏洞源于在gstopusdec.c中的gst_opus_dec_parse_header函数中检测到堆栈缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A