CVE-2024-47598: 
NixOS vulnerability analysis and mitigation

An out-of-bounds read vulnerability (CVE-2024-47598) was discovered in GStreamer's qtdemuxmergesampletable function within qtdemux.c. The vulnerability affects GStreamer versions prior to 1.24.10, where the size of the stts buffer isn't properly checked before reading sttsduration, allowing the program to read 4 bytes beyond the boundaries of stts->data (GitHub Advisory, GStreamer Advisory).

The vulnerability exists in the qtdemuxmergesampletable function of GStreamer's MP4/MOV demuxer. The issue occurs when handling raw audio tracks, where the function fails to properly validate the size of the stts buffer before attempting to read sttsduration. This results in the program reading 4 bytes past the allocated bounds of the stts array. The vulnerability has been assigned a CVSS v3.1 Base Score of 9.1 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) (NVD).

The vulnerability can lead to out-of-bounds reads that result in application crashes when processing certain input files. This could be exploited by a malicious third party to cause denial of service conditions in applications using the affected GStreamer versions (GStreamer Advisory).

The vulnerability has been fixed in GStreamer version 1.24.10. Users are advised to upgrade to this version or later. For those using older branches of GStreamer, it is recommended to apply the security patch and recompile the software (GStreamer Advisory).