CVE-2023-23082

2023-02-0322:15:12

Debian Security Bug Tracker

security-tracker.debian.org

cve-2023-23082

denial of service

offset argument

unix

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

51.6%

JSON

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

OSVersionArchitecturePackageVersionFilename
Debian12allkodi< 2:20.0+dfsg-2kodi_2:20.0+dfsg-2_all.deb
Debian11allkodi<= 2:19.1+dfsg2-2+deb11u1kodi_2:19.1+dfsg2-2+deb11u1_all.deb
Debian999allkodi< 2:20.0+dfsg-2kodi_2:20.0+dfsg-2_all.deb
Debian13allkodi< 2:20.0+dfsg-2kodi_2:20.0+dfsg-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	kodi	< 2:20.0+dfsg-2	kodi_2:20.0+dfsg-2_all.deb
Debian	11	all	kodi	<= 2:19.1+dfsg2-2+deb11u1	kodi_2:19.1+dfsg2-2+deb11u1_all.deb
Debian	999	all	kodi	< 2:20.0+dfsg-2	kodi_2:20.0+dfsg-2_all.deb
Debian	13	all	kodi	< 2:20.0+dfsg-2	kodi_2:20.0+dfsg-2_all.deb