1. Ubuntu Security Notices
  2. USN-7405-1

USN-7405-1: InspIRCd vulnerabilities

Publication date

2 April 2025

Overview

Several security issues were fixed in InspIRCd.

Releases

Packages

  • inspircd - Modular IRCd written in C++

Details

It was discovered that InspIRCd did not correctly handle certificate
fingerprints, which could lead to spoofing. A remote attacker could
possibly use this issue to bypass authentication. This issue only affected
Ubuntu 16.04 LTS. (CVE-2016-7142)

It was discovered that InspIRCd did not correctly handle certain memory
operations, which could lead to a NULL pointer dereference. A remote
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-20917)

It was discovered that InspIRCd did not correctly handle certain memory
operations, which could lead to a use-after-free. A remote attacker could
possibly use this issue to cause a denial of service. (CVE-2020-25269)

It was discovered that InspIRCd did not correctly handle certificate
fingerprints, which could lead to spoofing. A remote attacker could
possibly use this issue to bypass authentication. This issue only affected
Ubuntu 16.04 LTS. (CVE-2016-7142)

It was discovered that InspIRCd did not correctly handle certain memory
operations, which could lead to a NULL pointer dereference. A remote
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-20917)

It was discovered that InspIRCd did not correctly handle certain memory
operations, which could lead to a use-after-free. A remote attacker could
possibly use this issue to cause a denial of service. (CVE-2020-25269)

Update instructions

After a standard system update you need to restart InspIRCd to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
20.04 focal inspircd –  3.4.0-2ubuntu1+esm1  
18.04 bionic inspircd –  2.0.24-1ubuntu1+esm1  
16.04 xenial inspircd –  2.0.20-5ubuntu0.1~esm1  

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›