CVE-2023-33476: 
Linux Debian vulnerability analysis and mitigation

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 contain a heap-based buffer overflow vulnerability in the HTTP chunk parsing code. The vulnerability was discovered in May 2023 and was assigned CVE-2023-33476. The issue affects the HTTP request processing code responsible for handling requests that use chunked encoding (CoffinSec Blog).

The vulnerability stems from incorrect validation logic when handling HTTP requests using chunked transport encoding. The bug occurs in the ParseHttpHeaders() function where the result of a comparison expression is incorrectly saved to h->req_chunklen instead of the actual parsed chunk size value. This allows attackers to pass chunk size values larger than the total request size, which later results in out-of-bounds read/write operations when these values are used in memmove() calls without proper bounds checking. The vulnerability has been assigned a CVSS v3.1 base score of 9.8 CRITICAL (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NVD).

The vulnerability can be exploited to achieve remote code execution in the context of the user running the minidlna server. The out-of-bounds read/write capability could also lead to denial of service conditions (Debian Security).

The vulnerability has been fixed in ReadyMedia version 1.3.3. Users are advised to upgrade to this version or later. Various Linux distributions have also released security updates to address this vulnerability, including Debian (1.3.0+dfsg-2+deb11u2 for bullseye), Ubuntu, and Gentoo (Gentoo Security, Debian Security).