cve/CVE-2017-9438.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.

POC

Reference

No PoCs from references.

Github

https://github.com/ICSE2020-MemLock/MemLock_Benchmark
https://github.com/SZU-SE/MemLock_Benchmark
https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite
https://github.com/tzf-key/MemLock_Benchmark
https://github.com/tzf-omkey/MemLock_Benchmark
https://github.com/wcventure/MemLock_Benchmark

972 B Raw Blame History

CVE-2017-9438

Description

POC

Reference

Github

972 B

Raw Blame History