Amazon Linux 2 Security Advisory: ALAS2-2025-2747
Advisory Released Date: 2025-02-04
Advisory Updated Date: 2025-09-23
FAQs regarding Amazon Linux ALAS/CVE Severity
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exceeds 64, the for loop will write beyond the boundaries of the position array. The value written will always be `GST_AUDIO_CHANNEL_POSITION_NONE`. This vulnerability allows someone to overwrite the EIP address allocated in the stack. Additionally, this bug can overwrite the `GstAudioInfo` info structure. This vulnerability is fixed in 1.24.10. (CVE-2024-47538)
GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This bug allows to overwrite the EIP address allocated in the stack. This vulnerability is fixed in 1.24.10. (CVE-2024-47607)
GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed the fixed size of the pad->vorbis_mode_sizes array (which size is 256). When this happens, the for loop overwrites the entire pad structure with 0s and 1s, affecting adjacent memory as well. This OOB-write can overwrite up to 380 bytes of memory beyond the boundaries of the pad->vorbis_mode_sizes array. This vulnerability is fixed in 1.24.10. (CVE-2024-47615)
Affected Packages:
gstreamer1-plugins-base
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update gstreamer1-plugins-base or yum update --advisory ALAS2-2025-2747 to update your system.
aarch64:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.7.aarch64
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.7.aarch64
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.7.aarch64
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.7.aarch64
i686:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.7.i686
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.7.i686
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.7.i686
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.7.i686
src:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.7.src
x86_64:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.7.x86_64
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.7.x86_64
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.7.x86_64
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.7.x86_64
2025-09-23: CVE-2024-4453 was removed to this advisory.