Medium severity5.5NVD Advisory· Published Mar 1, 2017· Updated Jun 17, 2026
CVE-2017-5977
CVE-2017-5977
Description
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords6 versionspkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1pkg:rpm/suse/zziplib&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2
< 0.13.62-9.1+ 5 more
- (no CPE)range: < 0.13.62-9.1
- (no CPE)range: < 0.13.62-9.1
- (no CPE)range: < 0.13.62-9.1
- (no CPE)range: < 0.13.62-9.1
- (no CPE)range: < 0.13.62-9.1
- (no CPE)range: < 0.13.62-9.1
Patches
Vulnerability mechanics
References
3- blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/nvdExploitThird Party Advisory
- www.openwall.com/lists/oss-security/2017/02/14/3nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/96268nvd
News mentions
0No linked articles in our index yet.