An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzipdiskfread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
{ "binaries": [ { "binary_version": "0.13.62-2ubuntu0.2", "binary_name": "libzzip-0-13" }, { "binary_version": "0.13.62-2ubuntu0.2", "binary_name": "libzzip-dev" }, { "binary_version": "0.13.62-2ubuntu0.2", "binary_name": "zziplib-bin" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "0.13.62-3ubuntu0.16.04.2", "binary_name": "libzzip-0-13" }, { "binary_version": "0.13.62-3ubuntu0.16.04.2", "binary_name": "libzzip-dev" }, { "binary_version": "0.13.62-3ubuntu0.16.04.2", "binary_name": "zziplib-bin" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "0.13.62-3.1ubuntu0.18.04.1", "binary_name": "libzzip-0-13" }, { "binary_version": "0.13.62-3.1ubuntu0.18.04.1", "binary_name": "libzzip-0-13-dbgsym" }, { "binary_version": "0.13.62-3.1ubuntu0.18.04.1", "binary_name": "libzzip-dev" }, { "binary_version": "0.13.62-3.1ubuntu0.18.04.1", "binary_name": "zziplib-bin" }, { "binary_version": "0.13.62-3.1ubuntu0.18.04.1", "binary_name": "zziplib-bin-dbgsym" } ], "availability": "No subscription required" }