A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858."
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.5.1-0ubuntu1", "binary_name": "libzip-dev" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "libzip5" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "libzip5-dbgsym" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "zipcmp" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "zipcmp-dbgsym" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "zipmerge" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "zipmerge-dbgsym" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "ziptool" }, { "binary_version": "1.5.1-0ubuntu1", "binary_name": "ziptool-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.7.3-1ubuntu2", "binary_name": "libzip-dev" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "libzip4" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "libzip4-dbgsym" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "zipcmp" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "zipcmp-dbgsym" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "zipmerge" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "zipmerge-dbgsym" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "ziptool" }, { "binary_version": "1.7.3-1ubuntu2", "binary_name": "ziptool-dbgsym" } ] }