Bug 1546275 – CVE-2018-7051 irssi: out-of-bounds access when printing theme strings with certain nick names

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1546275 - (CVE-2018-7051) CVE-2018-7051 irssi: out-of-bounds access when printing theme strings with certain nick names

Summary:	CVE-2018-7051 irssi: out-of-bounds access when printing theme strings with ce...

Status:	NEW

Aliases:	CVE-2018-7051

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=low,public=20180208,reported=2...
Keywords:	Security

Depends On:	1563293 1563294 1563295 1546316
Blocks:	1546283
	Show dependency tree / graph

Reported:	2018-02-16 14:22 EST by Laura Pardo
Modified:	2018-05-31 17:53 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:	irssi 1.0.7, irssi 1.1.1
Doc Type:	If docs needed, set a value
Doc Text:	An out of bound read was found in Irssi, version 0.8.7 and later, when dealing with malformed theme strings. An attacker could trigger the vulnerability by using specific nick names that could potentially cause a crash in the application.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Laura Pardo 2018-02-16 14:22:11 EST

An issue was discovered in Irssi 0.8.7 and later in function
theme_format_expand_abstract of fe-common/core/themes.c file. Certain nick names
could result in out-of-bounds access when printing malformed theme strings.

Upstream commit:
https://github.com/irssi/irssi/commit/e0c66e31224894674356ddaf6d46016c1abc994f

Upstream patch:
https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af

References:
https://irssi.org/security/irssi_sa_2018_02.txt

Comment 1 Laura Pardo 2018-02-16 15:12:12 EST

Created irssi tracking bugs for this issue:

Affects: fedora-all [bug 1546316]

Note You need to log in before you can comment on or make changes to this bug.