{"id":"CVE-2024-4453","details":"GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23896.","modified":"2026-04-15T23:59:35.592498920Z","published":"2024-05-22T20:15:09.923Z","related":["ALSA-2024:9056","ALSA-2025:7178","SUSE-SU-2024:1882-1","SUSE-SU-2024:1882-2","SUSE-SU-2024:1886-1","SUSE-SU-2024:1893-1","SUSE-SU-2024:1910-1","SUSE-SU-2024:1945-1","openSUSE-SU-2024:14005-1"],"references":[{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/ZDI-24-467/"},{"type":"FIX","url":"https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00019.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gstreamer/gstreamer","events":[{"introduced":"0"},{"last_affected":"b125253cade5432e535ef2ea848ac00d2fb5286d"},{"introduced":"0"},{"last_affected":"0d0a1d9d16d1eb0f5355202c9f8f3ae6df19cf3b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.24.0"},{"introduced":"0"},{"last_affected":"1.24.1"}]}},{"type":"GIT","repo":"https://gitlab.freedesktop.org/tpm/gstreamer","events":[{"introduced":"0"},{"fixed":"e68eccff103ab0e91e6d77a892f57131b33902f5"}]}],"versions":["1.0.0","1.0.1","1.0.2","1.1.1","1.1.2","1.1.3","1.1.4","1.1.90","1.10.0","1.11.0","1.11.1","1.11.2","1.11.90","1.11.91","1.12.0","1.13.1","1.13.90","1.13.91",
"1.14.0","1.15.1","1.15.2","1.15.90","1.16.0","1.17.1","1.17.2","1.17.90","1.18.0","1.19.1","1.19.2","1.19.3","1.19.90","1.2.0","1.20.0","1.21.1","1.21.2","1.21.3","1.21.90","1.22.0","1.23.1","1.23.2","1.23.90","1.24.0","1.24.1","1.3.1","1.3.2","1.3.3","1.3.90","1.3.91","1.4.0","1.5.1","1.5.2","1.5.90","1.5.91","1.6.0","1.7.1","1.7.2","1.7.90","1.7.91","1.8.0","1.9.1","1.9.2","1.9.90","BEFORE_INDENT","BRANCH-AUTOPLUG2-ROOT","BRANCH-BUILD1-200112061-ROOT","BRANCH-BUILD1-200112101-ROOT","BRANCH-BUILD1-20011216-FREEZE","BRANCH-BUILD1-ROOT","BRANCH-CAPSNEGO1-ROOT","BRANCH-ERROR-ROOT","BRANCH-EVENTS1-200110161-ROOT","BRANCH-EVENTS1-ROOT","BRANCH-EVENTS2-ROOT","BRANCH-GOBJECT1-200106241-ROOT","BRANCH-GOBJECT1-ROOT","BRANCH-GSTREAMER-0_6-ROOT","BRANCH-GSTREAMER-0_8-ROOT","BRANCH-INCSCHED1-200104161-ROOT","BRANCH-INCSCHED1-200104251-ROOT","BRANCH-INCSCHED1-200105231-ROOT","BRANCH-INCSCHED1-200105251-ROOT","BRANCH-INCSCHED1-ROOT","BRANCH-PLUGINVER1-20010422-ROOT","BRANCH-PLUGINVER1-ROOT","BRANCH-RELEASE-0_3_3-ROOT","BRANCH-RELEASE-0_3_4-ROOT","BRANCH-RELEASE-0_4_0-ROOT","BRANCH-RELEASE-0_4_1-ROOT","BRANCH-RELEASE-0_4_2-ROOT","BRANCH-RELEASE-0_5_0-ROOT","BRANCH-RELEASE-0_5_1-ROOT","BRANCH-RELEASE-0_5_2-ROOT","BRANCH-RELEASE-0_7_2-ROOT","BRANCH-RELEASE-0_7_4-ROOT","BRANCH-RELEASE-0_7_5-ROOT","CAPS-MERGE-1","CAPS-MERGE-2","CAPS-MERGE-3","CAPS-ROOT","CHANGELOG_START","DEBIAN-0_3_1-1","EVENTS1-200110161-FREEZE","GIT_CONVERSION","GOBJECT1-200106241","GOBJECT1-200106241-FREEZE","HEAD-20010306-PRE_AUTOPLUG2","HEAD-20010312-PRE_CAPSNEGO1","INCSCHED1-200105251","INCSCHED1-200105251-FREEZE","MOVE-TO-FDO","OSLOSUMMIT1-200303051","PLUGINVER1-20010422","PLUGINVER1-20010422-FREEZE","RELEASE-0.10.23","RELEASE-0.10.24","RELEASE-0.10.25","RELEASE-0.10.26","RELEASE-0.10.27","RELEASE-0.10.28","RELEASE-0.10.29","RELEASE-0.10.30","RELEASE-0.10.31","RELEASE-0.11.0","RELEASE-0.11.1","RELEASE-0.11.2","RELEASE-0.11.90","RELEASE-0.11.91","RELEASE-0.11.92","RELEASE-0.11.93","RELEASE-0.11.94","RELEASE-0
.11.99","RELEASE-0_10_0","RELEASE-0_10_1","RELEASE-0_10_10","RELEASE-0_10_11","RELEASE-0_10_12","RELEASE-0_10_13","RELEASE-0_10_14","RELEASE-0_10_15","RELEASE-0_10_16","RELEASE-0_10_17","RELEASE-0_10_18","RELEASE-0_10_2","RELEASE-0_10_20","RELEASE-0_10_21","RELEASE-0_10_22","RELEASE-0_10_3","RELEASE-0_10_4","RELEASE-0_10_5","RELEASE-0_10_6","RELEASE-0_10_7","RELEASE-0_10_8","RELEASE-0_10_9","RELEASE-0_1_0-SLIPSTREAM","RELEASE-0_1_1-DUCTTAPE","RELEASE-0_2_0-CRITICALMASS","RELEASE-0_2_1-SEDIMASTER","RELEASE-0_2_1-UNKN","RELEASE-0_3_0-EVENTFUL","RELEASE-0_3_1-BELGIANBEER","RELEASE-0_3_2-DOBDAY","RELEASE-0_7_1","RELEASE-0_7_2","RELEASE-0_7_3","RELEASE-0_7_6","RELEASE-0_8_0","RELEASE-0_8_1","RELEASE-0_8_2","RELEASE-0_8_3","RELEASE-0_8_4","RELEASE-0_8_6","RELEASE-0_8_7","RELEASE-0_8_8","RELEASE-0_8_9","RELEASE-0_9_2","RELEASE-0_9_3","RELEASE-0_9_4","RELEASE-0_9_5","RELEASE-0_9_6","RELEASE-0_9_7","TYPEFIND-ROOT","monorepo-start","start"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-4453.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"vanir_signatures":[{"source":"https://gitlab.freedesktop.org/tpm/gstreamer@e68eccff103ab0e91e6d77a892f57131b33902f5","id":"CVE-2024-4453-5e054e66","target":{"file":"subprojects/gst-plugins-base/gst-libs/gst/tag/gstexiftag.c"},"signature_version":"v1","deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["176571563201793301627103106040561745296","38540104358541471318103527613846554815","171235426091020509488149698463703430525","226398381777976192402224586243580218957","42564259484944370973323079414125742324","190560235683313638245896674016344376273","159948001558508799267354796437910878177","212049228029188228208422035187817358718","296478924049401713729423579631023445943","54262115459122324799573824910921596744","202028622915728273955298970075674334591","20880544796876987544154857583683435528","154456053074330703
810028235726798405261"]}},{"source":"https://gitlab.freedesktop.org/tpm/gstreamer@e68eccff103ab0e91e6d77a892f57131b33902f5","id":"CVE-2024-4453-eed05daa","target":{"file":"subprojects/gst-plugins-base/gst-libs/gst/tag/gstexiftag.c","function":"parse_exif_undefined_tag"},"signature_version":"v1","deprecated":false,"signature_type":"Function","digest":{"length":1579,"function_hash":"235243883505878765686441169095408698966"}}],"vanir_signatures_modified":"2026-04-11T01:48:25Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}