6 matches found
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
Fedora 28 : yara (2018-8344cb89ac)
bump to 3.8.1, fix CVE-2018-12034 and CVE-2018-12035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...
Fedora 27 : yara (2018-7626df1731)
bump to 3.8.1, fix CVE-2018-12034 and CVE-2018-12035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...
Fedora Update for yara FEDORA-2018-8344cb89ac
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for yara FEDORA-2018-7626df1731
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-12034
YARA 3.7.1 and earlier contains an out-of-bounds read in yr_execute_code (libyara/exec.c) triggered by parsing a specially crafted compiled rule file. The issue affects the ability to read memory beyond bounds when rules are compiled and executed, as described in CVE-2018-12034 (and related CVE-2...