Описание
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1.0.4-1ubuntu2.3 |
| bionic | released | 1.0.5-1ubuntu4.2 |
| cosmic | released | 1.1.1-1ubuntu1 |
| devel | released | 1.1.1-1ubuntu2 |
| disco | released | 1.1.1-1ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| esm-infra/bionic | released | 1.0.5-1ubuntu4.2 |
| esm-infra/xenial | not-affected | |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
Показывать по
Ссылки на источники
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
Уязвимость IRC-клиента Irssi для операционных систем Debian GNU/Linux и Ubuntu, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
7.5 High
CVSS2
9.8 Critical
CVSS3