Mailinglist Archive: opensuse-bugs (4250 mails)

< Previous Next >
[Bug 1018357] New: VUL-1: irssi: Multiple Vulnerabilities (2017/01) [CWE-690, CWE-146, CWE-126]
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Thu, 05 Jan 2017 15:12:07 +0000
  • Message-id: <bug-1018357-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1018357


Bug ID: 1018357
Summary: VUL-1: irssi: Multiple Vulnerabilities (2017/01)
[CWE-690, CWE-146, CWE-126]
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@xxxxxxx
Reporter: mikhail.kasimov@xxxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

Ref: http://seclists.org/oss-sec/2017/q1/23
================================================
Multiple vulnerabilities in Irssi [1]
=====================================


Description
-----------

Four vulnerabilities have been located in Irssi.

(a) A NULL pointer dereference in the nickcmp function found by Joseph
Bisch. (CWE-690)

(b) Use after free when receiving invalid nick message (Issue #466, CWE-146)

(c) Out of bounds read in certain incomplete control codes found by
Joseph Bisch. (CWE-126)

(d) Out of bounds read in certain incomplete character sequences found
by Hanno Böck and independently by J. Bisch. (CWE-126)


Impact
------

These issues may result in denial of service (remote crash).


Affected versions
-----------------

(a) All Irssi versions that we observed
(b) All Irssi versions that we observed
(c) Irssi 0.8.17 and later
(d) Irssi 0.8.18 and later


Fixed in
--------

Irssi 0.8.21, Irssi 1.0.0


Recommended action
------------------

Upgrade to Irssi 0.8.21. Irssi 0.8.21 is a maintenance release
without any new features.

After installing the updated packages, one can issue the /upgrade
command to load the new binary. TLS connections will require
/reconnect.

.....


Mitigating facts
----------------

(a) requires control over the ircd

(b), (d) require control over the ircd or otherwise can be triggered /
avoided by the user themselves


Patch
-----

https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d


References
----------

[1] https://irssi.org/security/irssi_sa_2017_01.txt
================================================

https://software.opensuse.org/package/irssi

0.8.20 for TW, 42.1|2.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >