CVE-2023-33476

2023-06-0214:15:09

Debian Security Bug Tracker

security-tracker.debian.org

readymedia

minidlna

buffer overflow

http requests

chunked encoding

out-of-bounds read/write

unix

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

66.0%

JSON

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.

OSVersionArchitecturePackageVersionFilename
Debian12allminidlna< 1.3.0+dfsg-2.2+deb12u1minidlna_1.3.0+dfsg-2.2+deb12u1_all.deb
Debian11allminidlna< 1.3.0+dfsg-2+deb11u2minidlna_1.3.0+dfsg-2+deb11u2_all.deb
Debian999allminidlna< 1.3.2+dfsg-1.1minidlna_1.3.2+dfsg-1.1_all.deb
Debian13allminidlna< 1.3.2+dfsg-1.1minidlna_1.3.2+dfsg-1.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	minidlna	< 1.3.0+dfsg-2.2+deb12u1	minidlna_1.3.0+dfsg-2.2+deb12u1_all.deb
Debian	11	all	minidlna	< 1.3.0+dfsg-2+deb11u2	minidlna_1.3.0+dfsg-2+deb11u2_all.deb
Debian	999	all	minidlna	< 1.3.2+dfsg-1.1	minidlna_1.3.2+dfsg-1.1_all.deb
Debian	13	all	minidlna	< 1.3.2+dfsg-1.1	minidlna_1.3.2+dfsg-1.1_all.deb