An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4.
Package versions: 3.4.0+dfsg-2, 3.4.0+dfsg-2build1, 3.6.3+dfsg-1ubuntu1, 3.7.1-1ubuntu1, 3.7.1-1ubuntu2, 3.9.0-1, 4.1.0-1, 4.1.3-1, 4.1.3-1build1

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
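An added example (not YARA's code and not taken from the advisory) of the defensive pattern for the bug class named above: walking Mach-O load commands in an untrusted buffer with range checks that cannot overflow. The struct layouts follow `<mach-o/loader.h>`; `in_bounds`, `count_load_commands`, `run_sample` and the sample bytes are constructed for illustration, and a little-endian host is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define MH_MAGIC_64 0xfeedfacfu /* 64-bit Mach-O magic, host byte order */
/* Header and load-command prefix, laid out as in <mach-o/loader.h>. */
struct mach_header_64 { uint32_t magic, cputype, cpusubtype, filetype,
                                 ncmds, sizeofcmds, flags, reserved; };
struct load_command { uint32_t cmd, cmdsize; };

/* True when [off, off+len) fits in `size` bytes. Phrased as a subtraction,
   so an attacker-chosen len cannot make off+len wrap past the check. */
static int in_bounds(size_t size, size_t off, size_t len) {
    return off <= size && len <= size - off;
}

/* Walk the load commands of an untrusted buffer. Returns the number of
   commands, or -1 as soon as any field points outside the buffer. */
int count_load_commands(const uint8_t *data, size_t size) {
    struct mach_header_64 hdr;
    struct load_command lc;
    if (!in_bounds(size, 0, sizeof hdr)) return -1;
    memcpy(&hdr, data, sizeof hdr); /* memcpy: no unaligned access */
    if (hdr.magic != MH_MAGIC_64) return -1;
    size_t off = sizeof hdr;
    if (!in_bounds(size, off, hdr.sizeofcmds)) return -1;
    size_t end = off + hdr.sizeofcmds; /* cannot wrap: checked above */
    int walked = 0;
    for (uint32_t i = 0; i < hdr.ncmds; i++, walked++) {
        if (!in_bounds(end, off, sizeof lc)) return -1;
        memcpy(&lc, data + off, sizeof lc);
        /* cmdsize below the 8-byte prefix would stall the walk; above the
           remaining command area it would read past the declared data. */
        if (lc.cmdsize < sizeof lc || !in_bounds(end, off, lc.cmdsize)) return -1;
        off += lc.cmdsize;
    }
    return walked;
}

/* Constructed sample: header plus two commands (8 and `second` bytes
   declared); only the first `visible` bytes are handed to the parser. */
int run_sample(uint32_t second, size_t visible) {
    uint8_t buf[56] = {0};
    struct mach_header_64 h = { MH_MAGIC_64, 0, 0, 0, 2, 24, 0, 0 };
    struct load_command a = { 0, 8 }, b = { 0, second }; /* cmd ids unused here */
    memcpy(buf, &h, sizeof h);
    memcpy(buf + 32, &a, sizeof a);
    memcpy(buf + 40, &b, sizeof b);
    return count_load_commands(buf, visible);
}
```

With a naive 32-bit check of the form `off + cmdsize <= end`, the `0xfffffff8` case would wrap to 32 and pass; the subtraction form rejects it.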