Headline
CVE-2019-20917: Security Advisory 2019-01 - InspIRCd Documentation
An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.
Summary
The mysql module before v3.3.0 contains a null pointer dereference when built against mariadb-connector-c v3.0.5 or newer. When combined with the sqlauth or sqloper modules this vulnerability can be used to remotely crash an InspIRCd server by any user able to connect to a server.
Affected Versions
This vulnerability is present in the following releases:
- All versions of v2 before v2.0.28
- All versions of v3 before v3.3.0
Recommended Action
This vulnerability is fixed in versions 2.0.28 and 3.3.0. It is strongly recommended that all affected users upgrade.
If upgrading is not possible then the mysql module should be unloaded.
History
- 2019-08-19 — A crash vulnerability was reported to the InspIRCd team.
- 2019-08-20 — The cause of the crash was identified by the InspIRCd team and a fix was prepared.
- 2019-08-23 — InspIRCd v2.0.28 and v3.3.0 was released with a fix for the crash vulnerability.
References
- InspIRCd commit 2cc35d8 (v2).
- InspIRCd commit 8745660 (v3).
- CVE-2019-20917