--- Vulnerability Overview CVE IDs: CVE-2018-5206, CVE-2018-5205, CVE-2018-5208, CVE-2018-5207 Discoverer: Joseph Bisch --- Vulnerability Details 1. NULL Pointer Dereference - Scenario: When setting a channel topic without specifying a sender, Irssi may trigger a NULL pointer dereference error. (CVE-476) - Related CVE: CVE-2018-5206 2. Out-of-bounds Access - Scenario: Using incomplete escape codes or variable parameters may allow Irssi to access data beyond the end of a string. (CVE-126) - Related CVEs: CVE-2018-5205, CVE-2018-5208, CVE-2018-5207 3. Heap Buffer Overflow - Scenario: Calculation errors in completion code may lead to heap overflow. (CVE-126) - Related CVE: CVE-2018-5208 --- Impact Scope The stability of Irssi may be affected by the above vulnerabilities. Affected Versions All monitored Irssi versions Fixed Version Version: 1.0.6 Type: Maintenance release, no new features added --- Mitigation Recommendations Upgrade to Irssi version 1.0.6. After installation, run the command to load the new binary. TLS connections will need to be reconnected. Mitigating Factors Exploitation requires compromising or controlling the ircd, or having a user install malicious/faulty files or input specific commands to trigger the vulnerabilities. Patch Link Irssi 1.0.5 → 1.0.6 Diff Patch