Amazon Linux 2 Security Advisory: ALAS2-2025-2971
Advisory Released Date: 2025-08-19
Advisory Updated Date: 2025-08-19
FAQs regarding Amazon Linux ALAS/CVE Severity
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha) style override codes, which are enclosed in curly brackets ({}). The issue arises when a closing curly bracket "}" appears before an opening curly bracket "{" in the input string. In this case, memmove() incorrectly duplicates a substring. With each successive loop iteration, the size passed to memmove() becomes progressively larger (strlen(end+1)), leading to a write beyond the allocated memory bounds. This vulnerability is fixed in 1.24.10. (CVE-2024-47541)
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10. (CVE-2024-47542)
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the format_channel_mask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the function gst_discoverer_audio_info_get_channels may return a guint channels value greater than 64. This causes the for loop to attempt access beyond the bounds of the position array, resulting in an OOB-read when an index greater than 63 is used. This vulnerability can result in reading unintended bytes from the stack. Additionally, the dereference of value->value_nick after the OOB-read can lead to further memory corruption or undefined behavior. This vulnerability is fixed in 1.24.10. (CVE-2024-47600)
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer returned by this call is then passed to g_strdup(). However, if the string line does not contain the character ']', strchr() returns NULL, and a call to g_strdup(start + 1) leads to a null pointer dereference. This vulnerability is fixed in 1.24.10. (CVE-2024-47835)
Affected Packages:
gstreamer1-plugins-base
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update gstreamer1-plugins-base or yum update --advisory ALAS2-2025-2971 to update your system.
aarch64:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.8.aarch64
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.8.aarch64
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.8.aarch64
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.8.aarch64
i686:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.8.i686
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.8.i686
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.8.i686
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.8.i686
src:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.8.src
x86_64:
gstreamer1-plugins-base-1.18.4-5.amzn2.0.8.x86_64
gstreamer1-plugins-base-tools-1.18.4-5.amzn2.0.8.x86_64
gstreamer1-plugins-base-devel-1.18.4-5.amzn2.0.8.x86_64
gstreamer1-plugins-base-debuginfo-1.18.4-5.amzn2.0.8.x86_64