Security Links
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
#MICROSOFT
Microsoft Learn

Build skills that open doors. See all you can do with documentation, hands-on training, and certifications to help you get the most from Microsoft products.

https://learn.microsoft.com/
Microsoft Security Blog

Expert coverage on security matters such as zero trust, identity and access management, threat protection, information protection, and security management.

https://www.microsoft.com/en-us/security/blog/