CVE-2017-5980 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-5980 Interim 1 13 2023-12-08T01:35:11Z current 2021-05-30T13:53:19Z 2023-12-08T01:35:11Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-5980 The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-April/002826.html E-Mail link for SUSE-SU-2017:1095-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 libzzip-0-13-0.13.62-9.1 zziplib-devel-0.13.62-9.1 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 zziplib-devel-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 zziplib-devel-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 zziplib-devel-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 zziplib-devel-0.13.62-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 libzzip-0-13-0.13.62-9.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. CVE-2017-5980 SUSE Linux Enterprise Desktop 12 SP1:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Desktop 12 SP2:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Desktop 12 SP3:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP1:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP1:zziplib-devel-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP2:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP2:zziplib-devel-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP3:zziplib-devel-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Software Development Kit 12 SP5:zziplib-devel-0.13.62-9.1 SUSE Linux Enterprise Workstation Extension 12 SP1:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Workstation Extension 12 SP2:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Workstation Extension 12 SP3:libzzip-0-13-0.13.62-9.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libzzip-0-13-0.13.62-9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H