Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Arch Linux Unzip Advisory ASA-201503-9 High: Buffer Overflow Threat

Archlinux Large Esm H446
The package unzip before version 6.0-10 is vulnerable to heap buffer overflow leading to denial of service or possibly arbitrary code execution.
Arch Linux Security Advisory ASA-201503-9
========================================
Severity: High
Date    : 2015-03-15
CVE-ID  : CVE-2014-9636
Package : unzip
Type    : arbitrary code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
======
The package unzip before version 6.0-10 is vulnerable to heap buffer
overflow leading to denial of service or possibly arbitrary code execution.

Resolution
=========
Upgrade to 6.0-10.

# pacman -Syu "unzip>=6.0-10"

The problems have not been fixed upstream but patches were added.

Workaround
=========
None.

Description
==========
A buffer overflow (out-of-bounds read or write) in test_compr_eb() in
extract.c was found in the way unzip handled an extra field with an
uncompressed size smaller than the compressed field size in a zip
archive that advertises STORED method compression. A specially crafted
Zip archive could cause unzip to crash or, possibly, execute arbitrary code.

Impact
=====
An attacker is able to execute arbitrary code or cause a denial of
service through a specially crafted zip file.

References
=========
;t=450
https://access.redhat.com/security/cve/CVE-2014-9636
https://bugs.archlinux.org/task/44171

Your message here