Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2025:02020-1 important: gstreamer-plugins-base multiple issues

suse
Calendar Grey June 19, 2025
Dist Suse Esm H88
SUSE upgrade resolves significant security concerns in gstreamer-plugins-base, tackling several weaknesses.
* bsc#1234415 * bsc#1234450 * bsc#1234453 * bsc#1234455 * bsc#1234456

Summary

## This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-47538: Fixed stack-buffer overflow in vorbis_handle_identification_packet (bnc#1234415) * CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool (bnc#1234453) * CVE-2024-47615: Fixed out-of-bounds write in Ogg demuxer (bnc#1234456) * CVE-2024-47542: Fixed ID3v2 parser out-of-bounds read and NULL-pointer dereference (bnc#1234460) * CVE-2024-47607: Fixed stack buffer-overflow in Opus decoder (bnc#1234455) * CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser (bnc#1234450) * CVE-2024-47541: Fixed out-of-bounds write in SSA subtitle parser (bnc#1234459) * CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (boo#1244404)

Topics%20covered

Topics Covered

security advisory buffer overflow important suse out-of-bounds gstreamer-plugins-base

References

* bsc#1234415

* bsc#1234450

* bsc#1234453

* bsc#1234455

* bsc#1234456

* bsc#1234459

* bsc#1234460

* bsc#1244403

* bsc#1244404

* bsc#1244407

Cross-

* CVE-2024-47538

* CVE-2024-47541

* CVE-2024-47542

* CVE-2024-47600

* CVE-2024-47607

* CVE-2024-47615

* CVE-2024-47835

* CVE-2025-47806

* CVE-2025-47807

* CVE-2025-47808

CVSS scores:

* CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-47538 ( NVD ): 8.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-47541 ( SUSE ): 6.9

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:02020-1
Release Date: 2025-06-19T08:35:06Z
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow important suse out-of-bounds gstreamer-plugins-base

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here