CVE-2019-13045

Publication date 29 June 2019

Last updated 24 July 2024

Ubuntu priority

Why this priority?

Cvss 3 Severity Score

Score breakdown

Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
irssi	19.04 disco	Fixed 1.2.0-2ubuntu1.1
	18.10 cosmic	Fixed 1.1.1-1ubuntu1.2
	18.04 LTS bionic	Fixed 1.0.5-1ubuntu4.2
	16.04 LTS xenial	Fixed 0.8.19-1ubuntu1.9
	14.04 LTS trusty	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
irssi	Upstream: 5a67b98

Severity score breakdown

Parameter	Value
Base score	8.1 · High
Attack vector	Network
Attack complexity	High
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

USN-4046-1
Irssi vulnerabilities
4 July 2019

Other references