What is the severity of CVE-2017-15227?

CVE-2017-15227 has a medium severity rating due to the potential for use-after-free vulnerabilities.

How do I fix CVE-2017-15227?

To fix CVE-2017-15227, you should update Irssi to version 1.0.5 or later.

What versions of Irssi are affected by CVE-2017-15227?

Irssi versions prior to 1.0.5 are affected by CVE-2017-15227.

Can CVE-2017-15227 lead to security issues?

Yes, CVE-2017-15227 can lead to security issues such as arbitrary code execution under certain circumstances.

What systems are impacted by CVE-2017-15227?

CVE-2017-15227 impacts systems running affected versions of the Irssi software.

Vulnerability/
CVE-2017-15227

high

7.5

CWE

416

22/10/2017

5/8/2024

CVE-2017-15227: Use After Free

First published: Sun Oct 22 2017(Updated: )

Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
debian/irssi		1.2.0-2+deb10u1 1.2.3-1 1.4.3-2 1.4.5-1
Irssi	<=1.0.4

Remedy

http://openwall.com/lists/oss-security/2017/10/22/4

Remedy

https://irssi.org/security/irssi_sa_2017_10.txt

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-15227?
CVE-2017-15227 has a medium severity rating due to the potential for use-after-free vulnerabilities.
How do I fix CVE-2017-15227?
To fix CVE-2017-15227, you should update Irssi to version 1.0.5 or later.
What versions of Irssi are affected by CVE-2017-15227?
Irssi versions prior to 1.0.5 are affected by CVE-2017-15227.
Can CVE-2017-15227 lead to security issues?
Yes, CVE-2017-15227 can lead to security issues such as arbitrary code execution under certain circumstances.
What systems are impacted by CVE-2017-15227?
CVE-2017-15227 impacts systems running affected versions of the Irssi software.

collector/security-tracker-debian
agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/debian
vendor/irssi
canonical/irssi
version/irssi/1.0.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.