PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-5980 Gdraheim CVE debrief

CVE-2017-5980 is a denial-of-service issue in zziplib 0.13.62. A crafted ZIP file can trigger a NULL pointer dereference in zzip_mem_entry_new in memdisk.c, leading to a crash. The published record classifies the impact as availability-only, so the main concern is application interruption rather than data exposure or tampering.

Vendor
Gdraheim
Product
zziplib (the CPE in the NVD record is gdraheim:zziplib:0.13.62)
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2017-03-01
Original CVE updated
2026-05-13
Advisory published
2017-03-01
Advisory updated
2026-05-13

Who should care

Teams that ship or embed zziplib 0.13.62, especially software that opens untrusted ZIP archives; this includes application developers, distro/package maintainers, and operators responsible for crash-sensitive services.

Technical summary

The NVD record maps CVE-2017-5980 to zziplib 0.13.62 and CWE-476 (NULL pointer dereference). The supplied CVSS v3.0 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H: a local attack vector with user interaction required, high availability impact, and no confidentiality or integrity impact in the published scoring. The CVE description says "remote attackers," but the AV:L/UI:R scoring indicates that the practical exposure is a parsing crash when a user or service opens a crafted ZIP file that an attacker has delivered, not a flaw reachable over a live network protocol. In CWE-476 terms, the crash means a code path in zzip_mem_entry_new dereferences a pointer that a crafted archive can leave NULL; the published record does not say which pointer, so this summary does not guess.

Defensive priority

Medium. Prioritize remediation if zziplib parses untrusted ZIP content or is used in crash-sensitive workflows, but the published scoring indicates an availability-only issue with user interaction required.

Recommended defensive actions

  • Inventory systems and applications that use zziplib 0.13.62, including vendored or statically linked copies.
  • Upgrade to a fixed package or patched build provided by your distribution or software vendor.
  • Limit exposure to untrusted ZIP archives until remediation is complete.
  • Add regression tests and crash monitoring around ZIP parsing paths that exercise zzip_mem_entry_new.
  • Use the linked NVD and distribution advisories to confirm the appropriate remediation for your platform.
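As an added example for both the technical summary and the regression-test action above (this is illustrative code written for this debrief, not zziplib's memdisk.c; the struct, the helper names and the exact site of the real defect and fix are assumptions, and the constructed images are not the published crash file), the block below shows the CWE-476 pattern in a minimal in-memory ZIP central-directory walker: a helper that legitimately returns NULL when a header's name length runs past the image is dereferenced blindly in one entry constructor and checked in the hardened one, and two constructed images, one well-formed and one forged, exercise the parser the way a regression test should.

```c
/* Added illustration, not zziplib code: a minimal in-memory ZIP central-directory
 * walker showing the CWE-476 pattern and its hardened form. Names are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CDIR_SIG   0x02014b50u  /* "PK\1\2" central directory file header */
#define CDIR_FIXED 46           /* fixed bytes before name/extra/comment */

typedef struct { char *name; uint32_t comp_size, uncomp_size; } mem_entry;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Copy the entry name out of the image; NULL if it is empty or its declared
 * length runs past the image, which is what a crafted header can force. */
static char *entry_strdup_name(const uint8_t *img, size_t len, size_t off) {
    uint16_t nlen = rd16(img + off + 28);
    size_t name_off = off + CDIR_FIXED;
    if (nlen == 0 || name_off + nlen > len) return NULL;
    char *s = malloc((size_t)nlen + 1);
    if (!s) return NULL;
    memcpy(s, img + name_off, nlen);
    s[nlen] = '\0';
    return s;
}

/* Vulnerable pattern (CWE-476): the helper result is used without a NULL check;
 * a forged name length makes name NULL and name[0] faults. Shown for contrast
 * only; never call it on untrusted input. */
mem_entry *entry_new_unchecked(const uint8_t *img, size_t len, size_t off) {
    mem_entry *e = calloc(1, sizeof *e);
    if (!e) return NULL;
    e->name = entry_strdup_name(img, len, off);
    if (e->name[0] == '/') memmove(e->name, e->name + 1, strlen(e->name));
    e->comp_size = rd32(img + off + 20); e->uncomp_size = rd32(img + off + 24);
    return e;
}

/* Hardened form: validate the header, check the helper, reject instead of deref. */
mem_entry *entry_new_checked(const uint8_t *img, size_t len, size_t off) {
    if (off + CDIR_FIXED > len || rd32(img + off) != CDIR_SIG) return NULL;
    char *name = entry_strdup_name(img, len, off);
    if (!name) return NULL;
    mem_entry *e = calloc(1, sizeof *e);
    if (!e) { free(name); return NULL; }
    if (name[0] == '/') memmove(name, name + 1, strlen(name));
    e->name = name;
    e->comp_size = rd32(img + off + 20); e->uncomp_size = rd32(img + off + 24);
    return e;
}

void entry_free(mem_entry *e) { if (e) { free(e->name); free(e); } }

/* Walk every header in img: entry count, or -1 at the first malformed header
 * so a crafted archive is rejected whole rather than partially trusted. */
int walk_cdir(const uint8_t *img, size_t len) {
    size_t off = 0; int n = 0;
    while (off + CDIR_FIXED <= len && rd32(img + off) == CDIR_SIG) {
        mem_entry *e = entry_new_checked(img, len, off);
        if (!e) return -1;
        entry_free(e);
        size_t next = off + CDIR_FIXED + rd16(img + off + 28)
                    + rd16(img + off + 30) + rd16(img + off + 32);
        if (next > len) return -1;   /* extra or comment field overruns the image */
        off = next; n++;
    }
    return n;
}

/* Constructed sample: one header followed by its name. claimed_nlen lets a test
 * forge a name length pointing past the end of the buffer. */
size_t build_image(uint8_t *out, size_t cap, const char *name, uint16_t claimed_nlen) {
    size_t nlen = strlen(name);
    if (cap < CDIR_FIXED + nlen) return 0;
    memset(out, 0, CDIR_FIXED);
    out[0] = 0x50; out[1] = 0x4b; out[2] = 0x01; out[3] = 0x02;   /* signature */
    out[20] = out[24] = 5;                                         /* sizes */
    out[28] = (uint8_t)claimed_nlen; out[29] = (uint8_t)(claimed_nlen >> 8);
    memcpy(out + CDIR_FIXED, name, nlen);
    return CDIR_FIXED + nlen;
}

/* Regression checks of the kind to keep around a ZIP parsing path. */
int walk_good_image(void) {            /* well-formed: 1 entry */
    uint8_t img[64];
    return walk_cdir(img, build_image(img, sizeof img, "a.txt", 5));
}
int walk_forged_image(void) {          /* name length 200 in a 51-byte image: -1 */
    uint8_t img[64];
    return walk_cdir(img, build_image(img, sizeof img, "a.txt", 200));
}
int good_entry_fields_ok(void) {       /* 1 when name and sizes round-trip */
    uint8_t img[64];
    mem_entry *e = entry_new_checked(img, build_image(img, sizeof img, "a.txt", 5), 0);
    int ok = e && strcmp(e->name, "a.txt") == 0 && e->comp_size == 5 && e->uncomp_size == 5;
    entry_free(e);
    return ok;
}

int main(void) {
    printf("good: %d  forged: %d  fields: %d\n",
           walk_good_image(), walk_forged_image(), good_entry_fields_ok());
    return 0;
}
```

Build with any C99 compiler and run. The forged image carries a name length of 200 inside a 51-byte buffer; the hardened constructor returns NULL and the walker rejects the archive, where the unchecked constructor would fault at name[0]. The shape to keep under continuous build for the paths that call zzip_mem_entry_new is the same: constructed archive fragments with an expected rejection, run with AddressSanitizer or a crash handler attached so that a regression surfaces as a test failure rather than a production outage.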

Evidence notes

The supplied NVD data identifies the affected CPE as cpe:2.3:a:gdraheim:zziplib:0.13.62:*:*:*:*:*:*:* and assigns CWE-476. The reference set includes a Debian security advisory (DSA-3878), a SecurityFocus BID entry, and a Gentoo blog advisory discussing the NULL pointer dereference. One useful nuance: the narrative description mentions remote attackers, but the published CVSS vector is AV:L/UI:R, so defensive planning should treat this as a user-assisted parsing crash rather than a straightforward network exploit.

Official resources

The NVD record for CVE-2017-5980 was originally published on 2017-03-01 and last modified on 2026-05-13; its reference set consists of the Debian security advisory DSA-3878, the SecurityFocus BID entry, and the Gentoo blog advisory named in the evidence notes. No KEV entry is present in the supplied enrichment data.