Bug 688944 (CVE-2019-13045) - <net-irc/irssi-1.2.1: Use after free when sending SASL login to the server
Status: RESOLVED FIXED
Alias: CVE-2019-13045
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://irssi.org/security/irssi_sa_2...
Whiteboard: B3 [noglsa cve]
Reported: 2019-06-29 15:34 UTC by Jeroen Roovers (RETIRED)
Modified: 2019-07-25 17:45 UTC

See Also:
Package list:
net-irc/irssi-1.2.1
Runtime testing required: ---
stable-bot: sanity-check+


Description Jeroen Roovers (RETIRED) gentoo-dev 2019-06-29 15:34:51 UTC
IRSSI-SA-2019-06 Irssi Security Advisory [1]
============================================
CVE-2019-13045

Description
-----------

(a) Use after free when sending SASL login to the server found by
    ilbelkyr. (CWE-416, CWE-825)

    CVE-2019-13045 [2] was assigned to this issue.


Impact
------

May affect the stability of Irssi. SASL logins may fail, especially
during (manual and automated) reconnect.


Affected versions
-----------------

(a) Irssi 0.8.18 and later


Fixed in
--------

Irssi 1.0.8, 1.1.3, 1.2.1


Recommended action
------------------

Upgrade to the latest Irssi. We've published maintenance releases,
without any new features.

After installing the updated packages, one can issue the /upgrade
command to load the new binary. TLS connections will require
/reconnect.


Mitigating facts
----------------

Users who have not configured SASL are not affected by this issue.



References
----------

[1] https://irssi.org/security/irssi_sa_2019_06.txt
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
Comment 1 Larry the Git Cow gentoo-dev 2019-06-30 04:06:28 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8abedfbc9aa8cb11907e5d6788d3870ba1455a92

commit 8abedfbc9aa8cb11907e5d6788d3870ba1455a92
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2019-06-30 03:55:48 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2019-06-30 04:06:15 +0000

    net-irc/irssi: Version bump, security bug #688944
    
    Bug: https://bugs.gentoo.org/688944
    Package-Manager: Portage-2.3.66, Repoman-2.3.11
    Signed-off-by: Sven Wegener <swegener@gentoo.org>

 net-irc/irssi/Manifest           |  1 +
 net-irc/irssi/irssi-1.2.1.ebuild | 65 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+)
Comment 2 Matt Turner gentoo-dev 2019-07-07 20:34:13 UTC
cc arches?
Comment 3 Matt Turner gentoo-dev 2019-07-14 20:23:28 UTC
Not sure what happened to our three maintainers. Cc'ing arches.
Comment 4 Agostino Sarubbo gentoo-dev 2019-07-15 13:14:40 UTC
amd64 stable
Comment 5 Rolf Eike Beer archtester 2019-07-15 19:23:03 UTC
sparc stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-07-17 15:25:30 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-07-18 09:59:00 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-07-18 10:02:51 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2019-07-18 11:45:25 UTC
ia64 stable
Comment 10 Agostino Sarubbo gentoo-dev 2019-07-18 13:10:26 UTC
alpha stable
Comment 11 Sergei Trofimovich (RETIRED) gentoo-dev 2019-07-21 08:27:27 UTC
hppa stable
Comment 12 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-07-25 17:44:24 UTC
arm stable