Vulnerability Description
A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.
CVSS Score
4.6
MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kodi | Kodi | <= 19.5 |
Related Weaknesses (CWE)
References
- https://github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1PatchThird Party Advisory
- https://github.com/xbmc/xbmc/issues/22377ExploitIssue TrackingPatch
- https://github.com/xbmc/xbmc/pull/22380PatchThird Party Advisory
- https://github.com/xbmc/xbmc/pull/22380/commits/00fec1dbdd1df827872c7b55ad930596
- https://github.com/xbmc/xbmc/pull/22380/commits/7e5f9fbf9aaa3540aab35e7504036855
- https://lists.debian.org/debian-lts-announce/2024/01/msg00009.html
- https://github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1PatchThird Party Advisory
- https://github.com/xbmc/xbmc/issues/22377ExploitIssue TrackingPatch
- https://github.com/xbmc/xbmc/pull/22380PatchThird Party Advisory
- https://github.com/xbmc/xbmc/pull/22380/commits/00fec1dbdd1df827872c7b55ad930596
- https://github.com/xbmc/xbmc/pull/22380/commits/7e5f9fbf9aaa3540aab35e7504036855
- https://lists.debian.org/debian-lts-announce/2024/01/msg00009.html
FAQ
What is CVE-2023-23082?
CVE-2023-23082 is a vulnerability with a CVSS score of 4.6 (MEDIUM). A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.
How severe is CVE-2023-23082?
CVE-2023-23082 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-23082?
Check the references section above for vendor advisories and patch information. Affected products include: Kodi Kodi.