[arch-security] [Arch Linux Security Advisory ASA-201411-5] konversation: denial of service
Arch Linux Security Advisory ASA-201411-5 ========================================= Severity: Low Date : 2014-11-09 CVE-ID : CVE-2014-8483 Package : konversation Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE-2014 Summary ======= The package konversation before version 1.5.1-1 is vulnerable to denial of service. Resolution ========== Upgrade to 1.5.1-1. # pacman -Syu "konversation>=1.5.1-1" The problem has been fixed upstream [0] in version 1.5.1. Workaround ========== None. Description =========== Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user. Impact ====== When using Blowfish ECB encryption with another party (an IRC channel or user), sending malformed blocks to konversation can result in a crash or an information leak up to 11 bytes to the local user, due to an out-of-bounds read on a heap-allocated array. References ========== [0] https://github.com/quassel/quassel/commit/8b5ecd https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8483 https://bugs.archlinux.org/task/42698 https://www.kde.org/info/security/advisory-20141104-1.txt
participants (1)
-
Levente Polyak