Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 905103 (CVE-2023-23082)

Summary: media-tv/kodi: denial of service via heap buffer overflow
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: minor CC: candrews
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/xbmc/xbmc/issues/22377
Whiteboard: B3 [upstream/ebuild]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-26 03:59:55 UTC 
CVE-2023-23082:

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

I guess not been backported to 19.x?

https://github.com/xbmc/xbmc/commit/8c2aafb6d4987833803e037c923aaf83f9ff41e1
https://github.com/xbmc/xbmc/pull/22380