Home > Vulnerability Database > CVE-2023-23082

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2023-23082

Date: February 2, 2023

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

Language: C++

Severity Score

4.6

Related Resources (11)

Url: https://security-tracker.debian.org/tracker/CVE-2023-23082

Url: https://github.com/xbmc/xbmc/pull/22380/commits/7e5f9fbf9aaa3540aab35e7504036855b23dcf60

Url: https://github.com/fritsch/xbmc/commit/367cc80d66b0310b460f587fea44274b442951f1

Url: https://github.com/xbmc/xbmc/pull/22380

Url: https://github.com/fritsch/xbmc/commit/54df944584fc9fecd4cd5d69c2289f0934de305b

Url: https://github.com/xbmc/xbmc/issues/22377

Url: https://github.com/xbmc/xbmc/pull/22380/commits/00fec1dbdd1df827872c7b55ad93059636dfc076

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-23082

Url: https://github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1

Url: https://lists.debian.org/debian-lts-announce/2024/01/msg00009.html

Url: https://www.mend.io/vulnerability-database/CVE-2023-23082

Severity Score

4.6

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

CVSS v3.1

Base Score:	4.6
Attack Vector (AV):	PHYSICAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Do you need more information?

Contact Us