Описание
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| yara | fixed | 3.8.1-2 | package | |
| yara | no-dsa | stretch | package | |
| yara | no-dsa | jessie | package |
Примечания
https://github.com/VirusTotal/yara/issues/999
https://bnbdr.github.io/posts/extracheese/
https://github.com/bnbdr/swisscheese/
https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c
EPSS
Связанные уязвимости
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).
EPSS