Description ----------- Gabriel Campana and Adrien Guinet from Quarkslab reported two remote crash and heap corruption vulnerabilites in Irssi's format parsing code. They also provided us with proof of concept exploit code and patches to fix those issues. Impact ------ Remote crash and heap corruption. Remote code execution seems difficult since only Nuls are written. Affected versions ----------------- Irssi 0.8.17-beta up to and including 0.8.19 up to 0.8.19-219-g52fedea Bug 1 affects only Irssis compiled with true-color enabled. Bug 2 affects all Irssis regardless of compilation flags. Ref : https://irssi.org/security/irssi_sa_2016.txt https://irssi.org/2016/09/21/irssi-0.8.20-released/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
CC: (none) => thierry.vignaudAssignee: bugsquad => cookerSummary: heap corruption and missing boundary checks CVE-2016-7044 CVE-2016-7045 => irssi: heap corruption and missing boundary checks (CVE-2016-7044 CVE-2016-7045)Source RPM: irssi-0.8.19-1.mga6.src => irssi-0.8.19-1.mga6.src.rpm
Debian has issued an advisory for this on September 21: https://www.debian.org/security/2016/dsa-3672 The oss-security announcement of this issue has a link to an upstream patch to fix the issues at the bottom: http://www.openwall.com/lists/oss-security/2016/09/21/11
URL: https://irssi.org/2016/09/21/irssi-0.8.20-released/ => http://lwn.net/Vulnerabilities/701626/
irssi-0.8.20-1.mga6 updated for Cauldron by Johnny. Thanks!
Status: NEW => RESOLVEDResolution: (none) => FIXED