CVE-2017-8314: malicious subtitle zip files vulnerability
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kodi (Debian) |
Fix Released
|
Unknown
|
|||
kodi (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* A specially crafted zip file, for example a zipped subtitle, can overwrite arbitrary files by traversing parent directories
* This bug can be triggered remotely by tricking the user into opening a crafted subtitle thus I believe fixing it would be important
[Test Case]
* Download https:/
* Start playing a video file
* Try loading the subtitle from check-kodi-
* If you can't open the zip file and load the ../*.srt file inside the zip file your Kodi installation is fixed. Fixed 17.1 does not even list the zip file when browsing for subtitles.
[Regression Potential]
* Kodi may fail to load valid zip files
* You can verify that a harmless subtitle can still be loaded by testing it with https:/
* New build-time tests are added which check potential regressions
[Other Info]
* From the Debian bug:
* Kodi 17.2 have an important fix for the malicious subtitles
vulnerability that has the potential to compromise your machine. It is
important to update to this version as soon as possible.
http://
CVE References
Changed in kodi (Debian): | |
status: | Unknown → Fix Released |
I have uploaded the fixed packages to this PPA: /launchpad. net/~rbalint/ +archive/ ubuntu/ kodi-sru
https:/