CVE-2020-8955

ircmodechannel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).

References

Affected packages

Git / github.com/weechat/weechat

Affected ranges

Type: GIT
Repo: https://github.com/weechat/weechat
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da

Affected versions

Other

release-0-0-1

release-0-0-2

release-0-0-3

release-0-0-4

release-0-0-5

release-0-0-6

release-0-0-7

release-0-0-8

release-0-0-9

release-0-1-0

release-0-1-1

release-0-1-2

release-0-1-3

release-0-1-4

release-0-1-5

release-0-1-6

release-0-1-7

release-0-1-8

release-0-1-9

release-0-2-0

release-0-2-1

release-0-2-2

release-0-2-3

release-0-2-4

release-0-2-5

v0.*

v0.0.1

v0.0.2

v0.0.3

v0.0.4

v0.0.5

v0.0.6

v0.0.7

v0.0.8

v0.0.9

v0.1.0

v0.1.1

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.3.0

v0.3.0-rc1

v0.3.0-rc2

v0.3.0-rc3

v0.3.1

v0.3.2

v0.3.2-rc1

v0.3.3

v0.3.3-rc1

v0.3.3-rc2

v0.3.3-rc3

v0.3.4

v0.3.4-rc1

v0.3.4-rc2

v0.3.4-rc3

v0.3.5

v0.3.5-rc1

v0.3.5-rc2

v0.3.5-rc3

v0.3.6

v0.3.6-rc1

v0.3.6-rc2

v0.3.6-rc3

v0.3.7

v0.3.7-rc1

v0.3.7-rc2

v0.3.7-rc3

v0.3.8

v0.3.8-rc1

v0.3.8-rc2

v0.3.9

v0.3.9-rc1

v0.3.9-rc2

v0.4.0

v0.4.0-rc1

v0.4.0-rc2

v0.4.0-rc3

v0.4.1

v0.4.1-rc1

v0.4.1-rc2

v0.4.2

v0.4.2-rc1

v0.4.2-rc2

v0.4.3

v0.4.3-rc1

v0.4.3-rc2

v1.*

v1.0

v1.0-rc1

v1.0-rc2

v1.0-rc3

v1.1

v1.1-rc1

v1.1-rc2

v1.2

v1.2-rc1

v1.2-rc2

v1.3

v1.3-rc1

v1.3-rc2

v1.4

v1.4-rc1

v1.4-rc2

v1.5

v1.5-rc1

v1.5-rc2

v1.6

v1.6-rc1

v1.6-rc2

v1.7

v1.7-rc1

v1.7-rc2

v1.8

v1.8-rc1

v1.9

v1.9-rc1

v1.9-rc2

v2.*

v2.0

v2.0-rc1

v2.1

v2.1-rc1

v2.2

v2.2-rc1

v2.2-rc2

v2.3

v2.3-rc1

v2.4

v2.4-rc1

v2.5

v2.5-rc1

v2.5-rc2

v2.6

v2.6-rc1

v2.6-rc2

v2.7

v2.7-rc1

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://github.com/weechat/weechat/commit/6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da",
        "deprecated": false,
        "target": {
            "function": "irc_mode_channel_update",
            "file": "src/plugins/irc/irc-mode.c"
        },
        "signature_type": "Function",
        "id": "CVE-2020-8955-1b8299ba",
        "digest": {
            "function_hash": "223350524238790654043842164543245510326",
            "length": 2502.0
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/weechat/weechat/commit/6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da",
        "deprecated": false,
        "target": {
            "file": "src/plugins/irc/irc-mode.c"
        },
        "signature_type": "Line",
        "id": "CVE-2020-8955-afbcfe2f",
        "digest": {
            "line_hashes": [
                "200879968070498314343440529766462460162",
                "267790770994180775470654757621928752132",
                "84311193978423127644732102481155587185",
                "37738585302980977653187765980868653464",
                "103144408093402382474082176671652325727",
                "248047512738540522610242778759283707096",
                "13726779807730142557510816354576803671",
                "304711207680069284387163760563633707915",
                "134091926362240965518819909662205922465",
                "77567932931264461531056880510287982960",
                "61653280659459939285653700726216165635",
                "144127429652462822056848416788256299906",
                "293177098233781010308844640392180242208",
                "285905928978361185004924297576737108114"
            ],
            "threshold": 0.9
        }
    }
]