InspIRCd Security Advisory 2020-02
Summary
The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is [GKZ]-lined to remotely crash an InspIRCd server.
Thanks to @benharri for reporting this issue.
Affected Versions
This vulnerability is present in the following releases:
- All versions of v3 before v3.8.1
Recommended Action
This vulnerability is fixed in version 3.8.1. It is strongly recommended that all affected users upgrade.
If upgrading is not possible then the websocket module should be unloaded or reconfigured to allow users to connect directly instead of through a HTTP reverse proxy.
History
- 2019-01-14 — The vulnerability was introduced as part of a fix for another issue.
- 2020-11-18 — A crash bug was reported to the InspIRCd team.
- 2020-11-19 — The cause of the crash was identified by the InspIRCd team and a fix was prepared.
- 2020-11-20 — InspIRCd v3.8.1 was released with a fix for the crash vulnerability.