Lucene search

[email protected]NVD:CVE-2023-23082

HistoryFeb 03, 2023 - 10:15 p.m.

CVE-2023-23082

2023-02-0322:15:12

CWE-787

[email protected]

web.nvd.nist.gov

kodi

software

heap buffer overflow

vulnerability

denial of service

improper length

offset argument

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

Affected configurations

NVD

Node

kodikodiRange≤19.5

References

github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1

github.com/xbmc/xbmc/issues/22377

github.com/xbmc/xbmc/pull/22380

github.com/xbmc/xbmc/pull/22380/commits/00fec1dbdd1df827872c7b55ad93059636dfc076

github.com/xbmc/xbmc/pull/22380/commits/7e5f9fbf9aaa3540aab35e7504036855b23dcf60

lists.debian.org/debian-lts-announce/2024/01/msg00009.html

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

Related for NVD:CVE-2023-23082

veracode1 debiancve1 alpinelinux1 ubuntucve1 prion1 cvelist1 osv2 cve1 openvas1 nessus1 debian1