In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
References
Link | Resource |
---|---|
http://openwall.com/lists/oss-security/2017/10/22/4 | Mailing List Mitigation Patch Third Party Advisory |
https://irssi.org/security/irssi_sa_2017_10.txt | Mitigation Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2017/dsa-4016 | Third Party Advisory |
http://openwall.com/lists/oss-security/2017/10/22/4 | Mailing List Mitigation Patch Third Party Advisory |
https://irssi.org/security/irssi_sa_2017_10.txt | Mitigation Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2017/dsa-4016 | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References | () http://openwall.com/lists/oss-security/2017/10/22/4 - Mailing List, Mitigation, Patch, Third Party Advisory | |
References | () https://irssi.org/security/irssi_sa_2017_10.txt - Mitigation, Patch, Vendor Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html - Mailing List, Third Party Advisory | |
References | () https://www.debian.org/security/2017/dsa-4016 - Third Party Advisory |
Information
Published : 2017-10-22 20:29
Updated : 2024-11-21 03:15
NVD link : CVE-2017-15722
Mitre link : CVE-2017-15722
CVE.ORG link : CVE-2017-15722
JSON object : View
Products Affected
debian
- debian_linux
irssi
- irssi
CWE
CWE-125
Out-of-bounds Read