[Apollo] Advisories Statistics light light Login

RLSA-2025:7242

Security Mirrored from RHSA-2025:7242
Issued at: 2025-10-04
Updated at: 2025-10-15

Synopsis

Moderate: gstreamer1-plugins-good security update



Description

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.

Security Fix(es):

* gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)

* gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)

* gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)

* gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)

* gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)

* gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)

* gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)

* gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)

* gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)

* gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)

* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)

* gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)

* gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)

* gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)

* gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)

* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)

* gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9 Release Notes linked from the References section.



Affected products

Rocky Linux 9.6 aarch64 Rocky Linux 9.6 ppc64le Rocky Linux 9.6 s390x Rocky Linux 9.6 x86_64

Fixes

2331723 2331739 2331741 2331743 2331744 2331747 2331748 2331749 2331750 2331751 2331752 2331755 2331756 2331759 2331761 2331762 2331763

CVEs

CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 CVE-2024-47602 CVE-2024-47603 CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777 CVE-2024-47778 CVE-2024-47834

Affected packages

Rocky Linux 9.6 aarch64 - AppStream

gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64.rpm gstreamer1-plugins-good-0:1.22.12-4.el9.src.rpm gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64.rpm gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64.rpm gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64.rpm gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64.rpm

Rocky Linux 9.6 x86_64 - AppStream

gstreamer1-plugins-good-0:1.22.12-4.el9.i686.rpm gstreamer1-plugins-good-0:1.22.12-4.el9.src.rpm gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64.rpm gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64.rpm gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64.rpm gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686.rpm gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64.rpm gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64.rpm

Rocky Linux 9.6 ppc64le - AppStream

gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le.rpm gstreamer1-plugins-good-0:1.22.12-4.el9.src.rpm gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le.rpm gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le.rpm gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le.rpm gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le.rpm

Rocky Linux 9.6 s390x - AppStream

gstreamer1-plugins-good-0:1.22.12-4.el9.s390x.rpm gstreamer1-plugins-good-0:1.22.12-4.el9.src.rpm gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x.rpm gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x.rpm gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x.rpm gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x.rpm