Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Mageia 9: 2024-0063 Critical Use-After-Free Issue In Irssi Fix

mageia
Calendar Grey March 15, 2024
Dist Mageia Esm H88
Recent updates to irssi packages address a significant use-after-free vulnerability impacting Mageia 9. For further details, consult the advisory.
The updated packages fix a security vulnerability: Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference

Summary

The updated packages fix a security vulnerability: Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. (CVE-2023-29132)

References

- https://bugs.mageia.org/show_bug.cgi?id=31754

- https://irssi.org/security/irssi_sa_2023_03.txt

- https://ubuntu.com/security/notices/USN-6002-1

- https://www.cve.org/CVERecord?id=CVE-2023-29132

Resolution

SRPMS

- 9/core/irssi-1.4.3-1.1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 15 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0063.html
Type: security
CVE: CVE-2023-29132

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here