Red Hat Bugzilla – Bug 1459456
CVE-2017-9468 irssi: Null pointer dereference while receiving a DCC message without source nick/host
Last modified: 2017-06-12 09:46:01 EDT
When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. A malicious remote server could cause irssi to crash.
Created irssi tracking bugs for this issue:
Affects: fedora-all [bug 1459458]
Lowering severity because of the following reason :
* A rogue, or buggy, IRC server is required to be able to make use of this vulnerability. An attacker would need to either gain control of a IRC server, or trick the user into connecting a rogue IRC server
Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.