PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-5196 Irssi CVE debrief

CVE-2017-5196 is a remotely triggerable denial-of-service vulnerability in Irssi: when the client processes a string that is not valid UTF-8, it can read out of bounds and crash. NVD rates the issue High (7.5) with CVSS 3.0 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The affected range in the NVD record is Irssi 0.8.18 up to, but not including, 0.8.21, which is the fixed release.

Vendor
Irssi
Product
Irssi
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2017-03-03
Original CVE updated
2026-05-13
Advisory published
2017-03-03
Advisory updated
2026-05-13

Who should care

Administrators and users running Irssi versions from 0.8.18 up to, but not including, 0.8.21 should treat this as a priority availability issue, especially in environments where IRC clients are exposed to untrusted network content.

Technical summary

The NVD record classifies the weakness as CWE-125 (out-of-bounds read), triggered when Irssi handles strings that are not UTF-8. The documented impact is a crash, so this is an availability issue: the vector carries C:N/I:N, and nothing in the record supports information disclosure or code execution. The affected CPE range is versionStartIncluding 0.8.18 and versionEndExcluding 0.8.21.
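To make the bug class concrete, the following is an added illustration in C and is not Irssi's code; the record does not name the affected routine, so the two scanners below are generic stand-ins. `scan_naive` trusts the byte count a UTF-8 lead byte claims and reads that many bytes, so input that is not UTF-8 (a Latin-1 byte such as 0xE9 near the end, or a multibyte sequence cut off at the buffer boundary) drives it past `len`, which is exactly a CWE-125 out-of-bounds read. `scan_checked` refuses to read beyond the buffer and resyncs on bytes that are not valid UTF-8. All sample byte strings are constructed for the demo.

```c
/* Added illustration, not Irssi's code: how trusting a UTF-8 lead byte on
 * input that is not UTF-8 becomes a CWE-125 out-of-bounds read, beside the
 * bounds-checked form of the same scan. */
#include <stddef.h>
#include <stdio.h>

typedef struct {
    size_t chars;          /* characters the scanner counted */
    size_t max_index_read; /* highest buf[] index the scanner actually read */
    size_t invalid;        /* bytes consumed singly because they were not valid UTF-8 */
    int truncated;         /* 1 if the input ended inside a multibyte sequence */
} scan_result;

/* Length a UTF-8 sequence claims from its lead byte; 0 if the byte cannot
 * start a sequence (a stray continuation byte 0x80-0xBF, or 0xF8-0xFF). */
static size_t utf8_claimed_len(unsigned char lead)
{
    if (lead < 0x80) return 1;
    if ((lead & 0xE0) == 0xC0) return 2;
    if ((lead & 0xF0) == 0xE0) return 3;
    if ((lead & 0xF8) == 0xF0) return 4;
    return 0;
}

/* VULNERABLE: reads every byte the lead byte promises, without asking whether
 * those bytes exist inside len.  A sequence cut off at the end of the buffer,
 * or a Latin-1 byte such as 0xE9 near the end, makes it read past len. */
scan_result scan_naive(const char *buf, size_t len)
{
    scan_result r = {0, 0, 0, 0};
    size_t i = 0;
    while (i < len) {
        size_t l = utf8_claimed_len((unsigned char)buf[i]);
        if (l == 0) l = 1;
        for (size_t k = 0; k < l; k++) {
            volatile unsigned char b = (unsigned char)buf[i + k]; /* i + k may be >= len */
            (void)b;
            if (i + k > r.max_index_read) r.max_index_read = i + k;
        }
        i += l;
        r.chars++;
    }
    return r;
}

/* HARDENED: never reads buf[len] or beyond.  A sequence that claims more
 * bytes than remain is reported as truncated; a lead byte whose continuation
 * bytes are missing is consumed as one invalid byte and the scan resyncs. */
scan_result scan_checked(const char *buf, size_t len)
{
    scan_result r = {0, 0, 0, 0};
    size_t i = 0;
    while (i < len) {
        size_t l = utf8_claimed_len((unsigned char)buf[i]);
        r.max_index_read = i;
        if (l == 0) {                 /* cannot start a sequence: skip one byte */
            r.invalid++;
            i++;
            continue;
        }
        if (l > len - i) {            /* claims bytes beyond the buffer */
            r.truncated = 1;
            break;
        }
        size_t k;
        for (k = 1; k < l; k++) {
            r.max_index_read = i + k;
            if (((unsigned char)buf[i + k] & 0xC0) != 0x80) break;
        }
        if (k < l) {                  /* continuation byte missing: not UTF-8 */
            r.invalid++;
            i++;
        } else {
            r.chars++;
            i += l;
        }
    }
    return r;
}

/* Constructed samples.  Backing arrays are padded past the logical `len`
 * with 'X' so the naive scanner's over-read lands on known bytes in this
 * demo rather than on whatever follows the buffer in a real process. */
static const char sample_cut[]    = "\xE2\x82" "XXXXXX";      /* U+20AC cut after 2 of 3 bytes, len 2 */
static const char sample_latin1[] = "caf\xE9" "XXXXX";        /* Latin-1 "cafe" with 0xE9, len 4 */
static const char sample_ok[]     = "\xE2\x82\xAC" "x";       /* valid UTF-8 euro sign + 'x', len 4 */
static const char sample_word[]   = "na\xEF" "ve";            /* Latin-1 0xEF mid-string, len 5 */

int main(void)
{
    scan_result n = scan_naive(sample_cut, 2), c = scan_checked(sample_cut, 2);
    printf("naive:   read up to index %zu of a 2-byte buffer\n", n.max_index_read);
    printf("checked: read up to index %zu, truncated=%d\n", c.max_index_read, c.truncated);
    return 0;
}
```

The point to take from the two scanners is the check that `scan_checked` performs before touching any continuation byte (`l > len - i`): a decoder that assumes its input is well-formed UTF-8 has no such check, and an IRC server relays whatever bytes a remote user sent.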

Defensive priority

High for any environment that still runs affected Irssi releases, because the issue is network-reachable, requires no privileges, and can terminate the client process.

Recommended defensive actions

  • Upgrade Irssi to version 0.8.21 or later, per the affected-version boundary in the NVD record and vendor advisory.
  • Confirm deployed Irssi versions across desktops, servers, and automation hosts that may use the client.
  • Review vendor guidance in the Irssi security advisory and apply any package-maintainer updates referenced by downstream advisories such as Gentoo GLSA 201701-45.
  • Treat the issue as an availability risk and monitor for unexpected Irssi crashes if an immediate upgrade is not possible.
  • Use the official CVE and NVD records to verify remediation status in your asset inventory.
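For the version-confirmation and upgrade steps above, the following is an added example (not from this page or the Irssi project) that classifies a version string against the NVD boundaries, versionStartIncluding 0.8.18 and versionEndExcluding 0.8.21, so an inventory sweep can flag hosts that still need the upgrade. The input shape "irssi X.Y.Z (date time)" is what `irssi --version` prints; the sample strings are constructed, and a string that does not parse is reported as unknown rather than silently treated as safe.

```c
/* Added example, not part of the PatchSiren page or the Irssi project:
 * classify an irssi version string against the NVD affected range
 * [0.8.18, 0.8.21) for CVE-2017-5196. */
#include <stdio.h>
#include <string.h>

typedef struct { int major, minor, patch; } irssi_ver;

/* Parse the first major.minor.patch in a string such as
 * "irssi 0.8.20 (20160929 0558)" (the shape `irssi --version` prints; the
 * strings used here are constructed) or a package-style "0.8.20-1".
 * Returns 1 on success, 0 if three dotted components are not found. */
int parse_irssi_version(const char *s, irssi_ver *v)
{
    const char *p = s;
    if (strncmp(p, "irssi", 5) == 0) p += 5;
    while (*p == ' ' || *p == '\t') p++;
    v->major = v->minor = v->patch = 0;
    return sscanf(p, "%d.%d.%d", &v->major, &v->minor, &v->patch) == 3;
}

static int ver_cmp(irssi_ver a, irssi_ver b)
{
    if (a.major != b.major) return a.major < b.major ? -1 : 1;
    if (a.minor != b.minor) return a.minor < b.minor ? -1 : 1;
    if (a.patch != b.patch) return a.patch < b.patch ? -1 : 1;
    return 0;
}

/* 1 = affected (0.8.18 <= v < 0.8.21), 0 = not affected, -1 = could not parse
 * (treat as unknown and check the host by hand rather than assuming safe). */
int irssi_cve_2017_5196_status(const char *version_string)
{
    const irssi_ver lo = {0, 8, 18};   /* versionStartIncluding, per the NVD record */
    const irssi_ver hi = {0, 8, 21};   /* versionEndExcluding, per the NVD record */
    irssi_ver v;
    if (!parse_irssi_version(version_string, &v)) return -1;
    return ver_cmp(v, lo) >= 0 && ver_cmp(v, hi) < 0;
}

int main(void)
{
    const char *samples[] = {
        "irssi 0.8.17 (20140523 0000)",  /* constructed: below the range */
        "irssi 0.8.20 (20160929 0558)",  /* constructed: affected */
        "0.8.21-1",                      /* constructed: package-style, fixed release */
        "irssi 1.2.3 (20210409 0138)",   /* constructed: well past the fix */
        "irssi (version unknown)",       /* constructed: unparseable */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-32s -> %d\n", samples[i], irssi_cve_2017_5196_status(samples[i]));
    return 0;
}
```

Distribution packages may backport the fix without bumping the upstream version, so a result of 1 from a packaged build should be confirmed against the downstream advisory (for example the Gentoo GLSA referenced above) before it is recorded as unremediated.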

Evidence notes

All claims are grounded in the supplied NVD CVE record and linked advisories. The record states: remote attackers can cause a denial of service via out-of-bounds read and crash involving strings that are not UTF-8; affected versions are 0.8.18 before 0.8.21; the weakness is CWE-125. Public references in the source set include the Irssi vendor advisory, an oss-security mailing-list post, SecurityFocus BID 95310, and Gentoo GLSA 201701-45. The CVE was published on 2017-03-03, while the record was last modified on 2026-05-13; that modified timestamp reflects record updates, not a new vulnerability date.

Official resources

Publicly disclosed in the supplied record set on 2017-03-03, with earlier vendor and mailing-list references dated 2017-01-06. The NVD entry was modified on 2026-05-13, which should be treated as a record update rather than the original CVE