Bug#861590: yara: CVE-2017-8294: denial of service via a crafted rule (yr_re_exec function)
Salvatore Bonaccorso
carnil at debian.org
Mon May 1 06:55:52 UTC 2017
Source: yara
Version: 3.5.0+dfsg-9
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/VirusTotal/yara/issues/646
Hi,
the following vulnerability was published for yara.
CVE-2017-8294[0]:
| libyara/re.c in the regex component in YARA 3.5.0 allows remote
| attackers to cause a denial of service (out-of-bounds read and
| application crash) via a crafted rule that is mishandled in the
| yr_re_exec function.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-8294
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8294
[1] https://github.com/VirusTotal/yara/issues/646
Please adjust the affected versions in the BTS as needed, only sid has
been checked source-code wise.
Regards,
Salvatore
More information about the forensics-devel
mailing list