Описание
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
Ссылки
- Mailing List
- MitigationVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing List
- MitigationVendor Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
Уязвимость IRC-клиента Irssi для операционных систем Debian GNU/Linux и Ubuntu, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2