Vulnerabilities > CVE-2023-29132 - Use After Free vulnerability in Irssi

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

irssi

CWE-416

NVD

Published: 2023-04-14

Updated: 2023-04-24

Summary

Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.

Vulnerable Configurations

Part	Description	Count
Application	Irssi Irssi Irssi 1.3.0 Irssi Irssi 1.4.1 Irssi Irssi 1.4.2 Irssi Irssi 1.4.3	4

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://irssi.org/security/irssi_sa_2023_03.txt
https://www.openwall.com/lists/oss-security/2023/03/30/5