View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-6541 severity moderate: SUSE including 6 source package names (libzzip-0-13, zziplib, zziplib-0.13.62-11.el7, zziplib-devel, zziplib-devel-0.13.62-11.el7, zziplib-utils-0.13.62-11.el7), 15 product×package rows across 6 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP3, … (6 product lines)): Known Not Affected 12, Fixed 3.
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.