A NULL pointer dereference flaw was found in the code responsible for saving hashtables of the zsh package. An attacker could use this flaw to cause a denial of service by crashing the user shell.
A flaw was found in zsh prior 5.4.2. There is a crash when copying empty hash table with typeset -p.
(In reply to Laura Pardo from comment #0)
> A flaw was found in zsh prior 5.4.2.
The commit you refer to landed _after_ the 5.4.2 release of zsh and it has not been included in any stable release of zsh yet.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:3073 https://access.redhat.com/errata/RHSA-2018:3073