Описание
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
A flaw was found in the Irssi package. When Irssi prints a message while another message is being printed, the list that keeps track of Irssi variables for use in statusbar/message patterns is incorrectly cleaned up, leading to a use-after-free condition.
Отчет
The versions of Irssi as shipped in Red Hat Enterprise Linux 6, 7, 8, and 9 are not affected by this vulnerability. Only Irssi versions 1.3.0 and higher are vulnerable.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | irssi | Not affected | ||
| Red Hat Enterprise Linux 7 | irssi | Not affected | ||
| Red Hat Enterprise Linux 8 | irssi | Not affected | ||
| Red Hat Enterprise Linux 9 | irssi | Not affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use ...
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
7.5 High
CVSS3