Analysis of CVE-2023-23082 Vulnerability

Donghyeon Jeong · 8 min read

Overview

A few months ago I started doing vulnerability analysis research on open source projects and this is a quick review of vulnerabilities for one of them, the Kodi project by the XBMC Foundation.

The vulnerability was categorized as a heap overflow and a denial-of-service (DoS) vulnerability and was assigned CVE-2023-23082. More information can be found at cve.mitre.org.

Root Cause

The vulnerability occurs in the logic of parsing image files in the Kodi process.

When an image is parsed, the EXIF metadata is handled internally in Exifparse.cpp. If the image data is corrupted or contains invalid values, no exception is thrown; the parser keeps going on the bad offsets and the process crashes.

Before the patch

```cpp
// Filename: Exifparse.cpp
// OffsetVal + ByteCount is computed in 32 bits: a crafted entry can make the sum wrap to
// a small value that passes this check, so the subsequent read runs past the EXIF buffer.
if (OffsetVal+ByteCount > ExifLength)
// FirstOffset is only capped at 16; it is never checked against the real segment length.
if (FirstOffset < 8 || FirstOffset > 16 )
// Same wrap-prone bounds check at a second call site.
if (OffsetVal+ByteCount > ExifLength)
```

After the patch

- https://github.com/xbmc/xbmc/pull/22960/commits/fd8fce6a2c6bae200c737716536c109bff6d33c4

- https://github.com/xbmc/xbmc/pull/22960/commits/8021cb728b789fe59b57722e0fdf699808194e50

```cpp
// Filename: Exifparse.cpp
// Checks first whether the addition would exceed UINT32_MAX, so the sum can no longer wrap.
if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal + ByteCount > ExifLength)
// The first IFD offset is now validated against the actual segment length.
if (FirstOffset < 8 || FirstOffset + 8 >= length )
// Same overflow-safe check applied at the second call site.
if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal + ByteCount > ExifLength)
```
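To make the wraparound concrete, here is an added example (not Kodi's code) that puts the pre-patch and patched checks side by side and runs them on a constructed 64-byte segment with a crafted entry; the variable names OffsetVal, ByteCount, ExifLength, FirstOffset and length are taken from the snippets above, while the function names and the sample values are assumptions.

```cpp
#include <cstdint>
#include <cstring>

// Added illustration, not Kodi's code. Names mirror the snippets above: OffsetVal and
// ByteCount come from an IFD entry in the untrusted EXIF segment, ExifLength is the size
// of the segment buffer. All are 32-bit, so OffsetVal + ByteCount can wrap modulo 2^32.

// Pre-patch bounds check: a wrapped sum looks small and passes.
static bool entryInBoundsOld(uint32_t OffsetVal, uint32_t ByteCount, uint32_t ExifLength) {
    uint32_t end = OffsetVal + ByteCount;  // may wrap
    return !(end > ExifLength);
}

// Patched bounds check: refuse any pair whose sum would exceed UINT32_MAX before adding.
static bool entryInBoundsNew(uint32_t OffsetVal, uint32_t ByteCount, uint32_t ExifLength) {
    if (OffsetVal > UINT32_MAX - ByteCount) return false;  // sum would wrap
    return !(OffsetVal + ByteCount > ExifLength);
}

// First-IFD offset check: the old form only accepts 8..16, the new form requires the
// 8-byte IFD header at FirstOffset to lie inside a segment of `length` bytes.
static bool firstOffsetValidOld(uint32_t FirstOffset) {
    return !(FirstOffset < 8 || FirstOffset > 16);
}
static bool firstOffsetValidNew(uint32_t FirstOffset, uint32_t length) {
    return !(FirstOffset < 8 || FirstOffset + 8 >= length);
}

// Copies one entry's bytes out of the segment only if the patched check passes.
// Returns the number of bytes copied, 0 if the entry was rejected.
static uint32_t copyEntry(const uint8_t* exif, uint32_t ExifLength,
                          uint32_t OffsetVal, uint32_t ByteCount, uint8_t* out) {
    if (!entryInBoundsNew(OffsetVal, ByteCount, ExifLength)) return 0;
    std::memcpy(out, exif + OffsetVal, ByteCount);
    return ByteCount;
}

// Constructed 64-byte segment and a crafted entry: 0xFFFFFFF0 + 0x20 wraps to 0x10, so the
// old check accepts an offset far past the end while the patched copy rejects it.
static bool demo() {
    uint8_t seg[64], out[0x20];
    for (uint32_t i = 0; i < 64; ++i) seg[i] = static_cast<uint8_t>(i);
    const uint32_t bad = 0xFFFFFFF0u, cnt = 0x20u;
    bool oldAccepts = entryInBoundsOld(bad, cnt, 64);        // true: wrapped sum is 0x10
    bool rejected = copyEntry(seg, 64, bad, cnt, out) == 0;  // true: patched check refuses
    bool goodCopy = copyEntry(seg, 64, 8, 4, out) == 4 && out[0] == 8 && out[3] == 11;
    return oldAccepts && rejected && goodCopy;
}
```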