Vulnerability Description
An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Inspircd | Inspircd | >= 3.0, < 3.1.0 |
Related Weaknesses (CWE)
References
- https://docs.inspircd.org/security/2019-01/Vendor Advisory
- https://github.com/inspircd/inspircd/commit/7b47de3c194f239c5fea09a0e49696c9af01PatchThird Party Advisory
- https://github.com/inspircd/inspircd/commit/bcd65de1ec4bb71591ae417fee649d7ecd37PatchThird Party Advisory
- https://docs.inspircd.org/security/2019-01/Vendor Advisory
- https://github.com/inspircd/inspircd/commit/7b47de3c194f239c5fea09a0e49696c9af01PatchThird Party Advisory
- https://github.com/inspircd/inspircd/commit/bcd65de1ec4bb71591ae417fee649d7ecd37PatchThird Party Advisory
FAQ
What is CVE-2019-20918?
CVE-2019-20918 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user abl...
How severe is CVE-2019-20918?
CVE-2019-20918 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-20918?
Check the references section above for vendor advisories and patch information. Affected products include: Inspircd Inspircd.