SUSE CVE-2017-8294

🗓️ 15 Feb 2023 04:46:13Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

YARA 3.5.0 regex component causes remote denial of service via crafted rule due to out-of-bounds read.

Reporter	Title	Published	Views	Family All 41
CNVD	YARA Denial of Service Vulnerability	2 May 201700:00	–	cnvd
CVE	CVE-2017-8294	27 Apr 201714:00	–	cve
Cvelist	CVE-2017-8294	27 Apr 201714:00	–	cvelist
Debian CVE	CVE-2017-8294	27 Apr 201714:00	–	debiancve
EUVD	EUVD-2017-17256	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 24 Update: yara-3.5.0-7.fc24	29 Apr 201722:21	–	fedora
Fedora	[SECURITY] Fedora 26 Update: yara-3.5.0-7.fc26	30 Apr 201700:20	–	fedora
Fedora	[SECURITY] Fedora 25 Update: yara-3.5.0-7.fc25	29 Apr 201723:22	–	fedora
Tenable Nessus	Fedora 25 : yara (2017-11ac1e31eb)	1 May 201700:00	–	nessus
Tenable Nessus	Fedora 26 : yara (2017-2e94c7b518)	17 Jul 201700:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	libyara-devel	4.1.1-1.2	libyara-devel-4.1.1-1.2.noarch.rpm
OpenSUSE Tumbleweed	–	any	libyara8	4.1.1-1.2	libyara8-4.1.1-1.2.noarch.rpm
OpenSUSE Tumbleweed	–	any	yara	4.1.1-1.2	yara-4.1.1-1.2.noarch.rpm
OpenSUSE Tumbleweed	–	any	yara-doc	4.1.1-1.2	yara-doc-4.1.1-1.2.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2017-8294
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1032076
bugzilla	www.bugzilla.suse.com/1032077
bugzilla	www.bugzilla.suse.com/1032078
bugzilla	www.bugzilla.suse.com/1032079
bugzilla	www.bugzilla.suse.com/1036837

14 May 2026 03:19Current

6.7Medium risk

Vulners AI Score6.7

CVSS 37.5

EPSS0.00295

yara regex component out of bounds read crafted rule denial of service yr_re_exec suse unix