CVE-2018-7053

Published: 15 February 2018

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
irssi
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.7)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.8.19-1ubuntu1.7)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [code not present])
Patches:
Other: https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c