Rapid7

vulnerability

Arch Linux: Denial of service (CVE-2017-5977)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Mar 1, 2017
Added
Jul 11, 2025
Modified
Mar 25, 2026

Description

The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.

Solution

arch-linux-upgrade-latest

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report