Vulnerability Details CVE-2021-3402
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.6%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1930175
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKNXSH5ERG6NELTXCYVJLUPJJJ2TNEBD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXM224OLGI6KAOROLDPPGGCZ2OQVQ6HH/
- https://www.openwall.com/lists/oss-security/2021/01/29/2
- https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/
- https://bugzilla.redhat.com/show_bug.cgi?id=1930175
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKNXSH5ERG6NELTXCYVJLUPJJJ2TNEBD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXM224OLGI6KAOROLDPPGGCZ2OQVQ6HH/
- https://www.openwall.com/lists/oss-security/2021/01/29/2
- https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/
Products affected by CVE-2021-3402
-
cpe:2.3:a:virustotal:yara:-
-
cpe:2.3:a:virustotal:yara:1.7.1
-
cpe:2.3:a:virustotal:yara:1.7.2
-
cpe:2.3:a:virustotal:yara:2.0.0
-
cpe:2.3:a:virustotal:yara:2.1.0
-
cpe:2.3:a:virustotal:yara:3.0.0
-
cpe:2.3:a:virustotal:yara:3.1.0
-
cpe:2.3:a:virustotal:yara:3.10.0
-
cpe:2.3:a:virustotal:yara:3.11.0
-
cpe:2.3:a:virustotal:yara:3.2.0
-
cpe:2.3:a:virustotal:yara:3.3.0
-
cpe:2.3:a:virustotal:yara:3.4.0
-
cpe:2.3:a:virustotal:yara:3.5.0
-
cpe:2.3:a:virustotal:yara:3.6.0
-
cpe:2.3:a:virustotal:yara:3.6.1
-
cpe:2.3:a:virustotal:yara:3.6.2
-
cpe:2.3:a:virustotal:yara:3.6.3
-
cpe:2.3:a:virustotal:yara:3.7.0
-
cpe:2.3:a:virustotal:yara:3.7.1
-
cpe:2.3:a:virustotal:yara:3.8.0
-
cpe:2.3:a:virustotal:yara:3.8.1
-
cpe:2.3:a:virustotal:yara:3.9.0
-
cpe:2.3:a:virustotal:yara:4.0.0
-
cpe:2.3:a:virustotal:yara:4.0.1
-
cpe:2.3:a:virustotal:yara:4.0.2
-
cpe:2.3:a:virustotal:yara:4.0.3
-
cpe:2.3:o:fedoraproject:fedora:33
-
cpe:2.3:o:fedoraproject:fedora:34