Описание
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | not-affected | 3.8.1-2 |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 3.8.1-2 |
| esm-apps/jammy | not-affected | 3.8.1-2 |
| esm-apps/noble | not-affected | 3.8.1-2 |
| esm-apps/xenial | needs-triage |
Показывать по
7.1 High
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
7.1 High
CVSS2
5.5 Medium
CVSS3