Back to search
CVE-2021-3402
Published: May 14, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4
| Vendor | Product | Versions |
|---|---|---|
n/a | libyara | affected libyara 4.0.4 |
Weaknesses (CWE)
References
FEDORA-2021-f41d5fc954
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-dd62918333
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=1930175
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2021/01/29/2
x_refsource_MISC
https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now