FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

InspIRCd websocket module double free vulnerability

Affected packages
inspircd < 3.8.1

Details

VuXML ID 53e9efa1-4be7-11eb-8558-3085a9a47796
Discovery 2020-02-01
Entry 2021-01-01

The InspIRCd development team reports:

The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is [GKZ]-lined to remotely crash an InspIRCd server.

References

URL https://docs.inspircd.org/security/2020-02/