Subject: [ASA-201711-13] libzip: arbitrary code execution Arch Linux Security Advisory ASA-201711-13 ========================================== Severity: High Date : 2017-11-07 CVE-ID : CVE-2017-12858 Package : libzip Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-390 Summary ======= The package libzip before version 1.3.0-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 1.3.0-1. # pacman -Syu "libzip>=1.3.0-1" The problem has been fixed upstream in version 1.3.0. Workaround ========== None. Description =========== Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to execute arbitrary code via a crafted zip file. Impact ====== A remote attacker can execute arbitrary code on the affected host by tricking the user or an application using libzip into opening a crafted zip file. References ========== https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796 https://security.archlinux.org/CVE-2017-12858