CVE-2023-30207

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-30207
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-30207.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-30207
Downstream
Published
2023-07-05T21:15:09Z
Modified
2025-10-21T13:14:35.582603Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file.

References

Affected packages

Git / github.com/xbmc/xbmc

Affected ranges

Type
GIT
Repo
https://github.com/xbmc/xbmc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
dbc00c500f4c4830049cc040a61c439c580eea73

Affected versions

14.*

14.0a2-Helix
14.0a3-Helix
14.0a4-Helix
14.0b1-Helix
14.0b2-Helix
14.0b3-Helix
14.0b4-Helix
14.0b5-Helix
14.0rc1-Helix
14.0rc2-Helix
14.0rc3-Helix

15.*

15.0a1-Isengard
15.0a2-Isengard
15.0b1-Isengard
15.0b2-Isengard
15.0rc1-Isengard

16.*

16.0a1-Jarvis
16.0a2-Jarvis
16.0a3-Jarvis
16.0a4-Jarvis
16.0b1-Jarvis
16.0b2-Jarvis

17.*

17.0a1-Krypton
17.0a2-Krypton
17.0a3-Krypton
17.0b1-Krypton
17.0b2-Krypton
17.0b3-Krypton
17.0b4-Krypton
17.0b5-Krypton
17.0b6-Krypton

18.*

18.0-Leia
18.0a1-Leia
18.0a2-Leia
18.0a3-Leia
18.0b1-Leia
18.0b1v2-Leia
18.0b2-Leia
18.0b3-Leia
18.0b4-Leia
18.0b5-Leia
18.0rc1-Leia
18.0rc2-Leia
18.0rc3-Leia
18.0rc4-Leia
18.0rc5-Leia
18.0rc5.2-Leia
18.1-Leia
18.1rc1-Leia
18.2rc1-Leia

19.*

19.0-Matrix
19.0RC1-Matrix
19.0a1-Matrix
19.0a2-Matrix
19.0a3-Matrix
19.0b1-Matrix
19.0b1Android-Matrix
19.0b2-Matrix

20.*

20.0a1-Nexus
20.0a2-Nexus
20.0a3-Nexus
20.0b1-Nexus
20.0rc1-Nexus

Other

Frodo_alpha1
Frodo_alpha2
Frodo_alpha3
Frodo_alpha4
Frodo_alpha5
Frodo_alpha6
Frodo_alpha7
Frodo_beta1
Frodo_beta2
Frodo_beta3
Frodo_rc1
Frodo_rc2
Frodo_rc3
Gotham_alpha1
Gotham_alpha10
Gotham_alpha11
Gotham_alpha2
Gotham_alpha3
Gotham_alpha4
Gotham_alpha5
Gotham_alpha6
Gotham_alpha7
Gotham_alpha8
Gotham_alpha9
howto-cleanup-logic
legacy_drop_vs
master-last-commmit-before-python3-merge

Database specific

vanir_signatures

[
    {
        "id": "CVE-2023-30207-65a9fb30",
        "target": {
            "file": "xbmc/cores/paplayer/VideoPlayerCodec.cpp"
        },
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "123400904472445635708847233311064433326",
                "192098459844225758477781845049372409769",
                "49902176576136927114751574685266099911",
                "140047452837697257608847762113296424809",
                "338007879564644242334168388778728074233",
                "117580629669832035052331008386328457810",
                "98185155233344185074172624907956262124",
                "236891805200834691629213080525795928527"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "source": "https://github.com/xbmc/xbmc/commit/dbc00c500f4c4830049cc040a61c439c580eea73",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-30207-9de97ada",
        "target": {
            "function": "VideoPlayerCodec::Init",
            "file": "xbmc/cores/paplayer/VideoPlayerCodec.cpp"
        },
        "signature_version": "v1",
        "digest": {
            "length": 5559.0,
            "function_hash": "23763432731783186072215632938834707092"
        },
        "deprecated": false,
        "source": "https://github.com/xbmc/xbmc/commit/dbc00c500f4c4830049cc040a61c439c580eea73",
        "signature_type": "Function"
    }
]