Описание
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zziplib | fixed | 0.13.62-3.2 | package | |
| zziplib | fixed | 0.13.62-3.2~deb9u1 | stretch | package |
| zziplib | no-dsa | wheezy | package |
Примечания
https://github.com/gdraheim/zziplib/issues/39
https://github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06 (v0.13.69)
Связанные уязвимости
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
Уязвимость функции zzip_disk_fread библиотеки архивирования ZZIPlib, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании