A flaw was found in ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. References: https://github.com/gdraheim/zziplib/issues/15 Patch: https://github.com/gdraheim/zziplib/commit/72ec933663f738d8e166979aa7fd5590b2104a07
Created zziplib tracking bugs for this issue: Affects: fedora-all [bug 1542262]