UBUNTU-CVE-2022-3667

Source
https://ubuntu.com/security/CVE-2022-3667
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-3667.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-3667
Related
Published
2022-10-26T19:15:00Z
Modified
2024-10-15T14:10:08Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212007.

References

Affected packages

Ubuntu:22.04:LTS / kodi-inputstream-adaptive

Package

Name
kodi-inputstream-adaptive
Purl
pkg:deb/ubuntu/kodi-inputstream-adaptive?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.14+ds1-1
2.6.23+ds1-1

19.*

19.0.0+ds1-1
19.0.0+ds1-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / kodi-inputstream-adaptive

Package

Name
kodi-inputstream-adaptive
Purl
pkg:deb/ubuntu/kodi-inputstream-adaptive?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

20.*

20.3.18+ds-1build1

21.*

21.5.2+ds-1
21.5.2+ds-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / kodi-inputstream-adaptive

Package

Name
kodi-inputstream-adaptive
Purl
pkg:deb/ubuntu/kodi-inputstream-adaptive?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

20.*

20.3.11+ds-1
20.3.17+ds-4
20.3.18+ds-1
20.3.18+ds-1build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}