CVE-2017-17969
published 2018-01-30CVE-2017-17969: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of…
PriorityP341high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
5.03%
91.2th percentile
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 7-zip | 7-zip | < 18.00 | 18.00 |
| 7-zip | p7zip | < 18.0 | 18.0 |
| 7-zip | p7zip | >= 0 < 16.02+dfsg-5 | 16.02+dfsg-5 |
| 7-zip | p7zip | >= 0 < 16.02+dfsg-5 | 16.02+dfsg-5 |
| 7-zip | p7zip | >= 0 < 16.02+dfsg-5 | 16.02+dfsg-5 |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | p7zip | < p7zip 16.02+dfsg-5 (bookworm) | p7zip 16.02+dfsg-5 (bookworm) |
| msrc | azl3_p7zip_16.02-23_on_azure_linux_3.0 | — | — |
| msrc | cbl2_p7zip_16.02-22_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_p7zip_16.02-22_on_cbl_mariner_1.0 | — | — |
| msrc | p7zip-16.02-22.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | p7zip-16.02-22.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
| msrc | p7zip-16.02-23.azl3.aarch64.rpm_on_azure_linux_3.0_arm | — | — |
| msrc | p7zip-16.02-23.azl3.x86_64.rpm_on_azure_linux_3.0_x64 | — | — |
| msrc | p7zip-debuginfo-16.02-22.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | p7zip-debuginfo-16.02-22.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
| msrc | p7zip-doc-16.02-22.cm2.noarch.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | p7zip-doc-16.02-22.cm2.noarch.rpm_on_cbl_mariner_2.0_x64 | — | — |
| msrc | p7zip-doc-16.02-23.azl3.noarch.rpm_on_azure_linux_3.0_arm | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8HIGH
vendor_msrc7.8HIGH
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
P7ZIP vulnerabilities
vendor_ubuntu·2019-03-21
CVE-2016-2335 P7ZIP vulnerabilities
Title: P7ZIP vulnerabilities
Summary: p7zip could be made to crash or run programs as your login if it
opened a specially crafted file.
It was discovered that p7zip did not correctly handle certain malformed
archives. If a user or automated system were tricked into processing a specially
crafted archive with p7zip, then p7zip could be made to crash, possibly leading
to abitrary code execution.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
vendor_redhat·2018-01-25·CVSS 7.8
CVE-2017-17969 [HIGH] CWE-122 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
Package: p7zip (Red Hat Enterprise Linux 8) - Not affected
Microsoft
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentiall
vendor_msrc·2018-01-09·CVSS 7.8
CVE-2017-17969 [HIGH] CWE-787 Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentiall
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to ad
Debian
CVE-2017-17969: p7zip - Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method ...
vendor_debian·2017·CVSS 7.8
CVE-2017-17969 [HIGH] CVE-2017-17969: p7zip - Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method ...
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
Scope: local
bookworm: resolved (fixed in 16.02+dfsg-5)
bullseye: resolved (fixed in 16.02+dfsg-5)
trixie: resolved (fixed in 16.02+dfsg-5)
GHSA
GHSA-5mfm-p22h-8c37: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18
ghsa_unreviewed·2022-05-14
CVE-2017-17969 [HIGH] CWE-787 GHSA-5mfm-p22h-8c37: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
OSV
CVE-2017-17969: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18
osv·2018-01-30·CVSS 7.8
CVE-2017-17969 [HIGH] CVE-2017-17969: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [fedora-all]
bugzilla·2018-01-25·CVSS 7.8
CVE-2017-17969 [HIGH] CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [fedora-all]
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog a
Bugzilla
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [epel-all]
bugzilla·2018-01-25·CVSS 7.8
CVE-2017-17969 [HIGH] CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [epel-all]
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and t
Bugzilla
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
bugzilla·2018-01-25·CVSS 7.8
CVE-2017-17969 [HIGH] CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash
A heap-based buffer overflow in 7-Zip's shrink decoder can allow an attacker to write arbitrary data to memory and cause a crash.
Versions of p7zip up to and including 16.02 are vulnerable. A fix for this vulnerability is available in the beta version of 7-zip 18.00 (for Windows).
External References:
https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip
http://www.7-zip.org/history.txt
Discussion:
Created p7zip tracking bugs for this issue:
Affects: epel-all [bug 1538458]
Affects: fedora-all [bug 1538459]
http://www.securitytracker.com/id/1040831https://0patch.blogspot.si/2018/02/two-interesting-micropatches-for-7-zip.htmlhttps://github.com/p7zip-project/p7zip/issues/7https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/https://lists.debian.org/debian-lts-announce/2018/02/msg00003.htmlhttps://usn.ubuntu.com/3913-1/https://www.debian.org/security/2018/dsa-4104http://www.securitytracker.com/id/1040831https://0patch.blogspot.si/2018/02/two-interesting-micropatches-for-7-zip.htmlhttps://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/https://lists.debian.org/debian-lts-announce/2018/02/msg00003.htmlhttps://usn.ubuntu.com/3913-1/https://www.debian.org/security/2018/dsa-4104
2018-01-30
Published