diff options
author | Ailin Nemui <ailin@z30a.localdomain> | 2017-07-05 22:38:05 +0200 |
---|---|---|
committer | Ailin Nemui <ailin@z30a.localdomain> | 2017-07-07 14:21:55 +0200 |
commit | 94bd3ab3f3c7fbbd0b22e82481fb45ac48f18933 (patch) | |
tree | 15041f9da191a0e3b1f46e4d53d29267ed1b2da8 /security/irssi_sa_2017_07.txt | |
parent | 285ff64480eeed66217d82b1f1117cb3d7be18a6 (diff) | |
download | irssi.github.io-94bd3ab3f3c7fbbd0b22e82481fb45ac48f18933.zip |
Release Irssi 1.0.4
Diffstat (limited to 'security/irssi_sa_2017_07.txt')
-rw-r--r-- | security/irssi_sa_2017_07.txt | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/security/irssi_sa_2017_07.txt b/security/irssi_sa_2017_07.txt new file mode 100644 index 0000000..90229ac --- /dev/null +++ b/security/irssi_sa_2017_07.txt @@ -0,0 +1,75 @@ +IRSSI-SA-2017-07 Irssi Security Advisory [1] +============================================ +CVE-2017-10965, CVE-2017-10966. + +Description +----------- + +Two vulnerabilities have been located in Irssi. + +(a) When receiving messages with invalid time stamps, Irssi would try + to dereference a NULL pointer. Found by Brian 'geeknik' Carpenter + of Geeknik Labs. (CWE-690) + + CVE-2017-10965 [2] was assigned to this bug + +(b) While updating the internal nick list, Irssi may incorrectly use + the GHashTable interface and free the nick while updating it. This + will then result in use-after-free conditions on each access of + the hash table. Found by Brian 'geeknik' Carpenter of Geeknik + Labs. (CWE-416 caused by CWE-227) + + CVE-2017-10966 [3] was assigned to this bug + + +Impact +------ + +(a) May result in denial of service (remote crash). + +(b) Undefined behaviour. + + +Affected versions +----------------- + +All Irssi versions that we observed. + + +Fixed in +-------- + +Irssi 1.0.4 + + +Recommended action +------------------ + +Upgrade to Irssi 1.0.4. Irssi 1.0.4 is a maintenance release in the +1.0 series, without any new features. + +After installing the updated packages, one can issue the /upgrade +command to load the new binary. TLS connections will require +/reconnect. + + +Mitigating facts +---------------- + +(a) requires control over the ircd + +(b) should not happen with a conforming ircd + + +Patch +----- + +https://github.com/irssi/irssi/commit/5e26325317c72a04c1610ad952974e206384d291 + + +References +---------- + +[1] https://irssi.org/security/irssi_sa_2017_07.txt +[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10965 +[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10966 |