mirror of
https://gitlab.freedesktop.org/gstreamer/gstreamer.git
synced 2024-12-22 00:06:36 +00:00
95ca7014c8
Ship these also as part of the monorepo, so we can prepare new advisories as part of the relevant merge requests in the private gstreamer-security repository. Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7610>
50 lines
1.4 KiB
Markdown
50 lines
1.4 KiB
Markdown
# Security Advisory 2024-0003 (JVN#02030803, JPCERT#92912620, CVE-2024-40897)
|
|
|
|
<div class="vertical-table">
|
|
|
|
| | |
|
|
| ----------------- | --- |
|
|
| Summary | Orc compiler stack-based buffer overflow |
|
|
| Date | 2024-07-19 12:30 |
|
|
| Affected Versions | orc < 0.4.39 |
|
|
| IDs | GStreamer-SA-2024-0003<br/>JVN#02030803 / JPCERT#92912620<br/>CVE-2024-40897 |
|
|
|
|
</div>
|
|
|
|
## Details
|
|
|
|
Stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files.
|
|
|
|
## Impact
|
|
|
|
It is possible for a malicious third party to trigger a buffer overflow and
|
|
effect code execution with the same privileges as the orc compiler is called
|
|
with by feeding it with malformed orc source files.
|
|
|
|
This only affects developers and CI environments using orcc, not users of liborc.
|
|
|
|
## Solution
|
|
|
|
The Orc 0.4.39 release address the issue.
|
|
People using older branches of Orc should apply the patches and recompile.
|
|
|
|
## References
|
|
|
|
### The GStreamer project
|
|
|
|
- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org)
|
|
|
|
### CVE Database Entries
|
|
|
|
- [CVE-2024-40897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40897)
|
|
|
|
### GStreamer Orc releases
|
|
|
|
#### 0.4.39
|
|
|
|
- [Orc 0.4.39 release notes](https://discourse.gstreamer.org/t/orc-0-4-39-release/1969)
|
|
- [Orc 0.4.39 tarball (.tar.xz)](/src/orc/orc-0.4.39.tar.xz)
|
|
|
|
### Patches
|
|
|
|
- [Patch](https://gitlab.freedesktop.org/gstreamer/orc/-/merge_requests/191.patch)
|