Home / mailingsPDF  

[gentoo-announce] [ GLSA 202506-02 ] GStreamer, GStreamer Plugins: Multiple Vulnerabilities

Posted on 12 June 2025
Gentoo-announce

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202506-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: GStreamer, GStreamer Plugins: Multiple Vulnerabilities
Date: June 12, 2025
Bugs: #948198
ID: 202506-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========
Multiple vulnerabilities have been discovered in GStreamer and GStreamer
Plugins, the worst of which could lead to code execution.

Background
==========
GStreamer is an open source multimedia framework.

Affected packages
=================
Package Vulnerable Unaffected
--------------------------- ------------ ------------
media-libs/gst-plugins-base < 1.24.10 >= 1.24.10
media-libs/gstreamer < 1.24.10 >= 1.24.10

Description
===========
Multiple vulnerabilities have been discovered in GStreamer, GStreamer
Plugins. Please review the CVE identifiers referenced below for details.

Impact
======
Please review the referenced CVE identifiers for details.

Workaround
==========
There is no known workaround at this time.

Resolution
==========
All GStreamer, GStreamer Plugins users should upgrade to the latest
versions:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/gstreamer-1.24.10" ">=media-libs/gst-plugins-bad-1.24.10"

References
==========
[ 1 ] CVE-2024-44331
https://nvd.nist.gov/vuln/detail/CVE-2024-44331
[ 2 ] CVE-2024-47537
https://nvd.nist.gov/vuln/detail/CVE-2024-47537
[ 3 ] CVE-2024-47538
https://nvd.nist.gov/vuln/detail/CVE-2024-47538
[ 4 ] CVE-2024-47539
https://nvd.nist.gov/vuln/detail/CVE-2024-47539
[ 5 ] CVE-2024-47540
https://nvd.nist.gov/vuln/detail/CVE-2024-47540
[ 6 ] CVE-2024-47541
https://nvd.nist.gov/vuln/detail/CVE-2024-47541
[ 7 ] CVE-2024-47542
https://nvd.nist.gov/vuln/detail/CVE-2024-47542
[ 8 ] CVE-2024-47543
https://nvd.nist.gov/vuln/detail/CVE-2024-47543
[ 9 ] CVE-2024-47544
https://nvd.nist.gov/vuln/detail/CVE-2024-47544
[ 10 ] CVE-2024-47545
https://nvd.nist.gov/vuln/detail/CVE-2024-47545
[ 11 ] CVE-2024-47546
https://nvd.nist.gov/vuln/detail/CVE-2024-47546
[ 12 ] CVE-2024-47596
https://nvd.nist.gov/vuln/detail/CVE-2024-47596
[ 13 ] CVE-2024-47597
https://nvd.nist.gov/vuln/detail/CVE-2024-47597
[ 14 ] CVE-2024-47598
https://nvd.nist.gov/vuln/detail/CVE-2024-47598
[ 15 ] CVE-2024-47599
https://nvd.nist.gov/vuln/detail/CVE-2024-47599
[ 16 ] CVE-2024-47600
https://nvd.nist.gov/vuln/detail/CVE-2024-47600
[ 17 ] CVE-2024-47601
https://nvd.nist.gov/vuln/detail/CVE-2024-47601
[ 18 ] CVE-2024-47602
https://nvd.nist.gov/vuln/detail/CVE-2024-47602
[ 19 ] CVE-2024-47603
https://nvd.nist.gov/vuln/detail/CVE-2024-47603
[ 20 ] CVE-2024-47606
https://nvd.nist.gov/vuln/detail/CVE-2024-47606
[ 21 ] CVE-2024-47607
https://nvd.nist.gov/vuln/detail/CVE-2024-47607
[ 22 ] CVE-2024-47613
https://nvd.nist.gov/vuln/detail/CVE-2024-47613
[ 23 ] CVE-2024-47615
https://nvd.nist.gov/vuln/detail/CVE-2024-47615
[ 24 ] CVE-2024-47774
https://nvd.nist.gov/vuln/detail/CVE-2024-47774
[ 25 ] CVE-2024-47775
https://nvd.nist.gov/vuln/detail/CVE-2024-47775
[ 26 ] CVE-2024-47776
https://nvd.nist.gov/vuln/detail/CVE-2024-47776
[ 27 ] CVE-2024-47777
https://nvd.nist.gov/vuln/detail/CVE-2024-47777
[ 28 ] CVE-2024-47778
https://nvd.nist.gov/vuln/detail/CVE-2024-47778
[ 29 ] CVE-2024-47834
https://nvd.nist.gov/vuln/detail/CVE-2024-47834
[ 30 ] CVE-2024-47835
https://nvd.nist.gov/vuln/detail/CVE-2024-47835
[ 31 ] GStreamer-SA-2024-0003
https://gstreamer.freedesktop.org/security/sa-2024-0003.html
[ 32 ] GStreamer-SA-2024-0004
https://gstreamer.freedesktop.org/security/sa-2024-0004.html

Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202506-02

Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======
Copyright 2025 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5
--===============8514896702430584120==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

 

TOP

Mailings :

Exploits :