Bug 1219453 (CVE-2024-0444)

Summary: VUL-0: CVE-2024-0444: gstreamer-plugins-bad: AV1 codec parser potential buffer overflow during tile list parsing (ZDI-CAN-22300)
Product: [Novell Products] SUSE Security Incidents
Reporter: Thomas Leroy <thomas.leroy>
Component: Incidents
Assignee: Antonio Larrosa <alarrosa>
Status: NEW ---
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: camila.matos
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/392748/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-0444:8.0:(AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Thomas Leroy 2024-02-01 14:48:57 UTC
Heap-based buffer overflow in the AV1 codec parser when handling certain malformed streams before GStreamer 1.22.9.

Impact
It is possible for a malicious third party to trigger a crash in the application, and possibly also effect code execution through heap manipulation.
Threat mitigation

Workarounds
Solution
The gst-plugins-bad 1.22.9 releases address the issue. People using older branches of GStreamer should apply the patch and recompile.

References:
https://gstreamer.freedesktop.org/security/sa-2024-0001.html

Comment 2 Thomas Leroy 2024-02-02 08:23:32 UTC
Only AV1 supported versions are affected:

- SUSE:SLE-15-SP4:Update
- SUSE:SLE-15-SP5:Update
- SUSE:ALP:Source:Standard:1.0