oss-sec mailing list archives

CVE request - Quassel IRC denial of service


From: Bas Pape <baspape () gmail com>
Date: Sat, 30 Apr 2016 14:41:03 +0200

Hi,

It was found that quasselcore is vulnerable to a denial of service
attack by unauthenticated clients. The protocol negotiation did not
take into account lack of a match, in which case
PeerFactory::createPeer returns a nullptr, which is immediately
dereferenced [1].
This issue was introduced in commit d1bf207 [2] (version 0.10.0 and
later), and fixed in commit e678873 [3] (tagged as version 0.12.4).

Can a CVE be assigned to this issue?

[1] https://github.com/quassel/quassel/blob/f64ac93/src/core/coreauthhandler.cpp#L100
[2] https://github.com/quassel/quassel/commit/d1bf207
[3] https://github.com/quassel/quassel/commit/e678873

-- 
Bas Pape (Tucos)
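
An added illustration of the failure mode described in the message above (not part of the original post and not Quassel's code): a self-contained C++ model in which a factory returns nullptr when no offered protocol matches, and the pre-authentication handler checks the result before using it. The types, the protocol ids and every name other than createPeer are assumptions made for the example.

```cpp
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-ins for illustration; not Quassel's classes.
enum class Proto : uint8_t { Legacy = 1, Current = 2 };  // constructed ids

struct Peer {
    Proto proto;
    explicit Peer(Proto p) : proto(p) {}
    std::string describe() const {
        return proto == Proto::Current ? "current" : "legacy";
    }
};

// Returns a peer for the first client-offered protocol the server
// supports, or nullptr when nothing in the offer matches.
std::unique_ptr<Peer> createPeer(const std::vector<uint8_t>& offered) {
    for (uint8_t id : offered) {
        if (id == static_cast<uint8_t>(Proto::Legacy) ||
            id == static_cast<uint8_t>(Proto::Current))
            return std::make_unique<Peer>(static_cast<Proto>(id));
    }
    return nullptr;  // no common protocol
}

enum class Outcome { Accepted, RejectedNoProtocol };

struct Connection {
    bool closed = false;
    std::unique_ptr<Peer> peer;
    void close() { closed = true; }
};

// Runs before authentication, so `offered` is untrusted input.
Outcome onProtocolOffer(Connection& conn, const std::vector<uint8_t>& offered) {
    auto peer = createPeer(offered);
    if (!peer) {        // without this check the next use dereferences nullptr
        conn.close();   // reject only this client; the process keeps running
        return Outcome::RejectedNoProtocol;
    }
    conn.peer = std::move(peer);
    return Outcome::Accepted;
}
```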

