Home

CVE-2017-10966

Description

An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.834

Associated Vulnerability

VulnerabilityOS Platform
terminal based IRC client (USN-3465-1) irssi_1.0.4-1ubuntu2.1_i386.debLinux
terminal based IRC client (USN-3465-1) irssi_1.0.4-1ubuntu2.1_amd64.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.15-5ubuntu3.3_i386.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.15-5ubuntu3.3_amd64.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.19-1ubuntu1.5_i386.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.19-1ubuntu1.5_amd64.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.20-2ubuntu2.2_i386.debLinux
terminal based IRC client (USN-3465-1) irssi_0.8.20-2ubuntu2.2_amd64.debLinux
irssi security update(DSA-4016-1) irssi_1.0.2-1+deb9u3_i386.debLinux
irssi security update(DSA-4016-1) irssi_1.0.2-1+deb9u3_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234