CVE Vulnerability

CVE-2023-23082

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

4.6 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/fritsch/xbmc/commit/367cc80d66b0310b460f587fea44274b442951f1 Patch Third Party Advisory
https://github.com/xbmc/xbmc/pull/22380 Patch Third Party Advisory
https://github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1 Patch Third Party Advisory
https://github.com/fritsch/xbmc/commit/54df944584fc9fecd4cd5d69c2289f0934de305b Patch Third Party Advisory
https://github.com/xbmc/xbmc/issues/22377 Exploit Issue Tracking
Configurations

Configuration 1

cpe:2.3:a:kodi:kodi:*:*:*:*:*:*:*:*
Information

Published : 2023-02-03 10:15

Updated : 2023-02-12 04:53

NVD link : CVE-2023-23082

Mitre link : CVE-2023-23082

Products Affected
No products.
CWE
CWE-787