Lucene search

ArchLinuxASA-201804-3

HistoryApr 04, 2018 - 12:00 a.m.

[ASA-201804-3] zziplib: denial of service

2018-04-0400:00:00

security.archlinux.org

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

65.8%

JSON

Arch Linux Security Advisory ASA-201804-3

Severity: Medium
Date : 2018-04-04
CVE-ID : CVE-2018-7725 CVE-2018-7726 CVE-2018-7727
Package : zziplib
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-612

Summary

The package zziplib before version 0.13.69-1 is vulnerable to denial of
service.

Resolution

Upgrade to 0.13.69-1.

pacman -Syu “zziplib>=0.13.69-1”

The problems have been fixed upstream in version 0.13.69.

Workaround

None.

Description

CVE-2018-7725 (denial of service)

An out of bounds read was found in function zzip_disk_fread of ZZIPlib
before 0.13.69, when ZZIPlib mem_disk functionality is used. Remote
attackers could leverage this vulnerability to cause a denial of
service via a crafted zip file.

CVE-2018-7726 (denial of service)

An improper input validation was found in function
__zzip_fetch_disk_trailer of ZZIPlib before 0.13.69, that could lead to
a crash in __zzip_parse_root_directory function of zzip/zip.c. Remote
attackers could leverage this vulnerability to cause a denial of
service via a crafted zip file.

CVE-2018-7727 (denial of service)

A memory leak was found in unzip-mem.c and unzzip-mem.c of ZZIPlib
before 0.13.69, that could lead to resource exhaustion. Local attackers
could leverage this vulnerability to cause a denial of service via a
crafted zip file.

Impact

A remote attacker can cause a denial of service via a specially crafted
zip file.

References

https://github.com/gdraheim/zziplib/issues/39
https://github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06
https://github.com/gdraheim/zziplib/issues/41
https://github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be
https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b
https://github.com/gdraheim/zziplib/issues/40
https://github.com/gdraheim/zziplib/commit/83a2da55922f67e07f22048ac9671a44cc0d35c4
https://security.archlinux.org/CVE-2018-7725
https://security.archlinux.org/CVE-2018-7726
https://security.archlinux.org/CVE-2018-7727

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyzziplib< 0.13.69-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ArchLinux	any	any	zziplib	< 0.13.69-1	UNKNOWN

References

github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be

github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06

github.com/gdraheim/zziplib/commit/83a2da55922f67e07f22048ac9671a44cc0d35c4

github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b

github.com/gdraheim/zziplib/issues/39

github.com/gdraheim/zziplib/issues/40

github.com/gdraheim/zziplib/issues/41

security.archlinux.org/AVG-612

security.archlinux.org/CVE-2018-7725

security.archlinux.org/CVE-2018-7726

security.archlinux.org/CVE-2018-7727

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

65.8%

JSON

Related for ASA-201804-3