CVE-2017-9304 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Virustotal	Yara	3.5.0

Related Weaknesses (CWE)

CWE-674

References

https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae6Patch
https://github.com/VirusTotal/yara/issues/674Issue TrackingPatch
https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae6Patch
https://github.com/VirusTotal/yara/issues/674Issue TrackingPatch

FAQ

What is CVE-2017-9304?

CVE-2017-9304 is a vulnerability with a CVSS score of 7.5 (HIGH). libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.

How severe is CVE-2017-9304?

CVE-2017-9304 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-9304?

Check the references section above for vendor advisories and patch information. Affected products include: Virustotal Yara.