logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-28926

Description

ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 minidlna 1.2.1+dfsg-1ubuntu0.20.04.1
ubuntu 20.10 minidlna 1.2.1+dfsg-2ubuntu0.1
ubuntu upstream minidlna 1.3.0
ubuntu 16.04 minidlna 1.1.5+dfsg-2ubuntu0.1

Related