SB2018040503 - Arch Linux update for zziplib

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018040503

SB2018040503 - Arch Linux update for zziplib

Published: April 5, 2018

Security Bulletin ID SB2018040503
Severity
Low
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2018-6381)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the zzip_disk_fread function in zzip/mmapped.c due to the size variable is not validated against the amount of file->stored data. A remote attacker can trigger memory corruption and cause the service to crash.

2) Memory corruption (CVE-ID: CVE-2018-6484)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the __zzip_fetch_disk_trailer function of zzip/zip.c due to memory alignment error and bus error. A remote attacker can submit a specially crafted zip file, trigger memory corruption and cause the service to crash.

3) Memory corruption (CVE-ID: CVE-2018-6540)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the zzip_disk_findfirst function of zzip/mmapped.c due to bus error caused by loading of a misaligned address. A remote attacker can submit a specially crafted zip file, trigger memory corruption and cause the service to crash.

4) Memory corruption (CVE-ID: CVE-2018-6541)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in __zzip_fetch_disk_trailer in zzip/zip.c due to bus error caused by loading of a misaligned address when handling disk64_trailer local entries. A remote attacker can submit a specially crafted zip file, trigger memory corruption and cause the service to crash.

5) Memory corruption (CVE-ID: CVE-2018-6542)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the zzip_disk_findfirst function of zzip/mmapped.c due to bus error when handling a disk64_trailer seek value caused by loading of a misaligned address. A remote attacker can trigger memory corruption and cause the service to crash.

6) Memory corruption (CVE-ID: CVE-2018-6869)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the __zzip_parse_root_directory function of zzip/zip.c due to uncontrolled memory allocation. A remote attacker can trick the victim into opening a specially crafted zip file, trigger memory corruption and cause the application to crash.

Remediation

Install update from vendor's website.

References