CVE-2017-15723 — NULL Pointer Dereference in Irssi

CWE-476 — NULL Pointer Dereference9 documents7 sources

Severity

7.5HIGHNVD

OSV9.8

EPSS

0.6%

top 30.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Irssi Debian Irssi Debian Linux

Timeline

PublishedOct 22

Latest updateMay 14

Description

In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/irssi< irssi 1.0.5-1 (bookworm)

▶Debianirssi/irssi< 1.0.5-1+3

▶Ubuntuirssi/irssi< 0.8.15-5ubuntu3.3+1

▶NVDirssi/irssi1.0.4

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: openwall.com ↗Patch: irssi.org ↗Patch: openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-cpp6-928v-86fm: In Irssi before 1↗2022-05-14

▶

OSV

irssi vulnerabilities↗2017-10-26

▶

OSV

CVE-2017-15723: In Irssi before 1↗2017-10-22

▶

📋Vendor Advisories

Ubuntu

Irssi vulnerabilities↗2017-10-26

▶

Red Hat

irssi: NULL pointer dereference due to overlong nicks while splitting the message↗2017-10-22

▶

Debian

CVE-2017-15723: irssi - In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer de...↗2017

▶

💬Community

Bugzilla

CVE-2017-15227 CVE-2017-15228 CVE-2017-15721 CVE-2017-15722 CVE-2017-15723 irssi: various flaws [fedora-all]↗2017-11-08

▶

Bugzilla

CVE-2017-15723 irssi: NULL pointer dereference due to overlong nicks while splitting the message↗2017-11-08

▶