OpenSUSE Linux update for unzip
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2014-9636 CVE-2014-9913 CVE-2015-7696 CVE-2015-7697 CVE-2016-9844 CVE-2018-1000035 |
| CWE-ID | CWE-125 CWE-119 CWE-399 CWE-20 CWE-122 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #5 is available. |
| Vulnerable software |
Opensuse Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU13613
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-9636
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionUpdate the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU33147
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-9913
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to perform service disruption.
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
MitigationUpdate the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU33148
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-7696
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in Info-ZIP UnZip 6.0. A remote attacker can perform a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
MitigationUpdate the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource management error
EUVDB-ID: #VU33149
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-7697
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
MitigationUpdate the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU18051
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2016-9844
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the zi_short() function in zipinfo.c when processing a large compression method value in the central directory file header. A remote attacker can pass a specially crafted array to the application and trigger denial of service (DoS) condition.
Update the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Heap-based buffer overflow
EUVDB-ID: #VU13614
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-1000035
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionUpdate the affected packages.
Opensuse: 42.3
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-10/msg00013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
