jvndb - jvndb-2024-000075

jvndb-2024-000075

Vulnerability from jvndb

Published

2024-07-26 13:55

Modified

2024-07-26 13:55

Severity

7.0 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

ORC vulnerable to stack-based buffer overflow

Details

ORC provided by GStreamer is typically used when developing GStreamer plugins. Stack-based buffer overflow vulnerability (CWE-121) exists in orcparse.c of ORC. Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type	URL
JVN	https://jvn.jp/en/jp/JVN02030803/index.html
CVE	https://www.cve.org/CVERecord?id=CVE-2024-40897
Buffer Errors(CWE-119)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor	Product
GStreamer	ORC

Show details on JVN DB website

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000075.html",
  "dc:date": "2024-07-26T13:55+09:00",
  "dcterms:issued": "2024-07-26T13:55+09:00",
  "dcterms:modified": "2024-07-26T13:55+09:00",
  "description": "ORC provided by GStreamer is typically used when developing GStreamer plugins. Stack-based buffer overflow vulnerability (CWE-121) exists in orcparse.c of ORC.\r\n\r\nYuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000075.html",
  "sec:cpe": {
    "#text": "cpe:/a:gstreamer_project:orc",
    "@product": "ORC",
    "@vendor": "GStreamer",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.0",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-000075",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN02030803/index.html",
      "@id": "JVN#02030803",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-40897",
      "@id": "CVE-2024-40897",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "ORC vulnerable to stack-based buffer overflow"
}

cve-2024-40897

Vulnerability from cvelistv5

Published

2024-07-26 06:03

Modified

2024-08-02 04:39

Severity

7.0 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.

References

URL	Tags
https://github.com/GStreamer/orc
https://gstreamer.freedesktop.org/modules/orc.html
https://jvn.jp/en/jp/JVN02030803/
http://www.openwall.com/lists/oss-security/2024/07/26/1

Impacted products

Vendor	Product
GStreamer	ORC

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gstreamer:orc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "orc",
            "vendor": "gstreamer",
            "versions": [
              {
                "lessThan": "0.4.39",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-40897",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T13:59:16.020539Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-121",
                "description": "CWE-121 Stack-based Buffer Overflow",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T14:03:38.937Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:54.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/GStreamer/orc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gstreamer.freedesktop.org/modules/orc.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN02030803/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/26/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ORC",
          "vendor": "GStreamer",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 0.4.39"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer\u0027s build environment. This may lead to compromise of developer machines or CI build environments."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Stack-based buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-26T06:03:23.768Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://github.com/GStreamer/orc"
        },
        {
          "url": "https://gstreamer.freedesktop.org/modules/orc.html"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN02030803/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/26/1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2024-40897",
    "datePublished": "2024-07-26T06:03:23.768Z",
    "dateReserved": "2024-07-12T07:12:22.373Z",
    "dateUpdated": "2024-08-02T04:39:54.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.