4 matches found
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
Linux Distros Unpatched Vulnerability : CVE-2019-19648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the machoparsefile functionality in macho/macho.c of YARA 3.11.0, commandsize may be inconsistent with the real size. A specially crafted MachO file can caus...
CVE-2019-19648
creationtimestamp| type| source ---|---|--- 2024-03-09 09:11:55+00:00| seen| https://t.me/ctinow/203843...
CVE-2019-19648
CVE-2019-19648 affects YARA 3.11.0 in macho_parse_file (macho/macho.c) where command_size may not match the actual size, enabling an out-of-bounds memory access that can cause DoS (crash) or potential code execution via a crafted Mach-O file. Connected sources confirm the vulnerability in YARA an...