CVE-2023-33476

Name	CVE-2023-33476
Description	ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-3465-1, DSA-5434-1
Debian Bugs	1037052

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
minidlna (PTS)	jessie, jessie (lts)	1.1.2+dfsg-1.1+deb8u1	vulnerable
	stretch (security), stretch (lts), stretch	1.1.6+dfsg-1+deb9u2	vulnerable
	buster (security), buster, buster (lts)	1.2.1+dfsg-2+deb10u4	fixed
	bullseye (security), bullseye	1.3.0+dfsg-2+deb11u2	fixed
	bookworm (security), bookworm	1.3.0+dfsg-2.2+deb12u1	fixed
	sid, trixie	1.3.3+dfsg-1.1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
minidlna	source	jessie	(unfixed)	end-of-life
minidlna	source	stretch	(unfixed)	end-of-life
minidlna	source	buster	1.2.1+dfsg-2+deb10u4		DLA-3465-1
minidlna	source	bullseye	1.3.0+dfsg-2+deb11u2		DSA-5434-1
minidlna	source	bookworm	1.3.0+dfsg-2.2+deb12u1		DSA-5434-1
minidlna	source	(unstable)	1.3.2+dfsg-1.1			1037052

Notes

https://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html
Fixed by: https://sourceforge.net/p/minidlna/git/ci/9bd58553fae5aef3e6dd22f51642d2c851225aec/ (v1_3_3)