Описание
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zziplib | fixed | 0.13.62-3.2 | package | |
| zziplib | fixed | 0.13.62-3.2~deb9u1 | stretch | package |
| zziplib | ignored | wheezy | package |
Примечания
https://github.com/gdraheim/zziplib/issues/15
https://github.com/gdraheim/zziplib/commit/72ec933663f738d8e166979aa7fd5590b2104a07 (v0.13.68)
Связанные уязвимости
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
Уязвимость функции zzip_disk_findfirst библиотеки архивирования ZZIPlib, связанная с неверным расчетом размера буфера, позволяющая нарушителю вызвать отказ в обслуживании