PatchSiren cyber security CVE debrief

CVE-2017-5978 Gdraheim CVE debrief

CVE-2017-5978 is a denial-of-service issue in zziplib 0.13.62. When the library processes a crafted ZIP file, the zzip_mem_entry_new function in memdisk.c can perform an out-of-bounds read and crash. The impact is availability loss rather than data exposure or code execution, and NVD rates the issue as medium severity.

Vendor: Gdraheim
Product: zziplib (affected version 0.13.62)
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-03-01
Original CVE updated: 2026-05-13
Advisory published: 2017-03-01
Advisory updated: 2026-05-13

Who should care

Organizations that ship or embed zziplib 0.13.62, especially software that opens untrusted ZIP archives. That includes Linux distributions, application packagers, and products that parse ZIP content from users, uploads, or external feeds.

Technical summary

The vulnerability is identified by NVD as CWE-125 (out-of-bounds read). The affected code path is zzip_mem_entry_new in memdisk.c. A crafted ZIP file can drive the parser into reading outside the bounds of the data it has actually loaded, which can terminate the process. The NVD CVSS vector is CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H: a local attack vector with user interaction required (a user or application must open the file), no privileges needed, no confidentiality or integrity impact, and a high availability impact.

Defensive priority

Medium. Treat as a reliability and input-validation issue that can crash ZIP-processing applications. Prioritize remediation if untrusted archives are accepted in production or if the library is widely deployed.

Recommended defensive actions

  • Upgrade or replace zziplib 0.13.62 with a vendor-patched or newer release that includes a fix for this issue.
  • Apply distribution security updates where available, such as the Debian advisory referenced in the CVE record.
  • Restrict exposure by avoiding direct processing of untrusted ZIP files in high-availability services until patched.
  • Add regression tests for malformed ZIP inputs and monitor archive-processing services for unexpected crashes.
  • Verify which products in your environment embed zziplib and track them as dependent components, not just as direct installations.
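To make the technical summary and the regression-test recommendation concrete, the following is an added illustration, not zziplib's code and not the vendor's fix: a bounds-checked parser for a ZIP central-directory entry and its extra field, in which every length taken from the file is compared against the bytes actually present before any pointer into them is used. Three constructed inputs (a well-formed entry, an entry whose name length field overstates what the buffer holds, and an extra-field sub-block whose size runs past the field) show the kind of malformed-input regression cases worth keeping in a test suite. All function and type names here are assumptions for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ZIP central-directory file header: 4-byte signature, 42 more fixed bytes,
 * then name, extra field and comment whose lengths sit at offsets 28/30/32. */
#define CDIR_SIG       0x02014b50u
#define CDIR_FIXED_LEN 46u

typedef struct {
    const uint8_t *name, *extra, *comment;
    uint16_t name_len, extra_len, comment_len;
} cdir_entry;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }

/* Parse one entry from buf[0..len). Every variable-length field is checked
 * against the bytes actually present before a pointer into it is handed out.
 * Returns 0 on success; -1 truncated fixed header, -2 bad signature,
 * -3 declared lengths exceed the buffer. */
int cdir_entry_parse(const uint8_t *buf, size_t len, cdir_entry *out)
{
    if (len < CDIR_FIXED_LEN) return -1;
    if (rd32(buf) != CDIR_SIG) return -2;
    uint16_t nl = rd16(buf + 28), el = rd16(buf + 30), cl = rd16(buf + 32);
    /* Sum cannot overflow size_t: at most 46 + 3 * 65535. */
    size_t need = (size_t)CDIR_FIXED_LEN + nl + el + cl;
    if (need > len) return -3;
    out->name = buf + CDIR_FIXED_LEN;  out->name_len = nl;
    out->extra = out->name + nl;       out->extra_len = el;
    out->comment = out->extra + el;    out->comment_len = cl;
    return 0;
}

/* Walk the extra field's (id, size, data) sub-blocks without trusting any
 * size to stay inside the field. Returns 0 and the block count on success;
 * -1 for a truncated block header, -2 for a data size past the field end. */
int extra_field_walk(const uint8_t *extra, size_t len, unsigned *count)
{
    size_t off = 0; unsigned n = 0;
    while (off < len) {
        if (len - off < 4) return -1;
        uint16_t dsize = rd16(extra + off + 2);
        off += 4;
        if (dsize > len - off) return -2;
        off += dsize; n++;
    }
    *count = n;
    return 0;
}

/* Test helper: emit an entry whose name_len field may be overstated
 * (claimed_name_len) to model a malformed archive. Returns bytes written. */
static size_t build_entry(uint8_t *dst, size_t cap, const char *name,
                          uint16_t claimed_name_len,
                          const uint8_t *extra, uint16_t extra_len)
{
    size_t nl = strlen(name), total = CDIR_FIXED_LEN + nl + extra_len;
    if (total > cap) return 0;
    memset(dst, 0, total);
    wr32(dst, CDIR_SIG);
    wr16(dst + 28, claimed_name_len);
    wr16(dst + 30, extra_len);
    memcpy(dst + CDIR_FIXED_LEN, name, nl);
    if (extra_len) memcpy(dst + CDIR_FIXED_LEN + nl, extra, extra_len);
    return total;
}

/* Regression cases built from constructed bytes, not real-world samples. */
int demo_well_formed(void)       /* 1: one sub-block (id 0x5455, 2 data bytes) */
{
    static const uint8_t extra[] = { 0x55, 0x54, 0x02, 0x00, 0x03, 0x01 };
    uint8_t buf[128]; cdir_entry e; unsigned blocks = 0;
    size_t n = build_entry(buf, sizeof buf, "a.txt", 5, extra, sizeof extra);
    if (cdir_entry_parse(buf, n, &e) != 0) return -100;
    if (extra_field_walk(e.extra, e.extra_len, &blocks) != 0) return -101;
    return (int)blocks;
}
int demo_overstated_name(void)   /* -3: name_len claims 200 bytes, 5 present */
{
    uint8_t buf[128]; cdir_entry e;
    size_t n = build_entry(buf, sizeof buf, "a.txt", 200, NULL, 0);
    return cdir_entry_parse(buf, n, &e);
}
int demo_extra_overrun(void)     /* -2: sub-block size 16 inside a 4-byte field */
{
    static const uint8_t extra[] = { 0x55, 0x54, 0x10, 0x00 };
    uint8_t buf[128]; cdir_entry e; unsigned blocks = 0;
    size_t n = build_entry(buf, sizeof buf, "a.txt", 5, extra, sizeof extra);
    if (cdir_entry_parse(buf, n, &e) != 0) return -100;
    return extra_field_walk(e.extra, e.extra_len, &blocks);
}

int main(void)
{
    printf("well-formed: %d, overstated name: %d, extra overrun: %d\n",
           demo_well_formed(), demo_overstated_name(), demo_extra_overrun());
    return 0;
}
```

The design point is that each length field is treated as a claim to be verified against the remaining buffer, never as a count to read by; the malformed cases return an error code instead of reading past the loaded data, which is the behaviour a regression suite for archive-processing services should pin down.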

Evidence notes

The supplied NVD record states that zzip_mem_entry_new in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service through a crafted ZIP file. The NVD metadata maps the issue to CWE-125 and lists the vulnerable CPE as cpe:2.3:a:gdraheim:zziplib:0.13.62:*:*:*:*:*:*:*. The record also references Debian DSA-3878, SecurityFocus BID 96268, and a Gentoo blog post describing the out-of-bounds read. No evidence in the supplied corpus indicates known ransomware use or KEV listing.

Official resources

Publicly disclosed on 2017-03-01 in the CVE/NVD record. The supplied NVD record was modified on 2026-05-13. No KEV date is listed.