CVE-2018-7548: zsh: null-pointer deref when using ${(PA)...} on an empty array result

Severity: Critical

CVSS Score: 9.8

In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.