USN-8080-1

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS. (CVE-2016-10211, CVE-2017-5923, CVE-2017-5924, CVE-2017-8294, CVE-2017-8929, CVE-2017-9304, CVE-2017-9438, CVE-2017-9465)

Jurriaan Bremer discovered that YARA's yr_object_array_set_limit() function could result in a heap buffer overflow when scanning specially crafted .NET files. A remote attacker could possibly use this issue to cause YARA to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11328)

It was discovered that YARA's yr_execute_code() function could cause an out-of-bounds read or write when parsing specially crafted compiled rule files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-12034, CVE-2018-12035)

It was discovered that YARA's virtual machine could be escaped in certain instances. A remote attacker could possibly use these issues to execute arbitrary code. These issues only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-19974, CVE-2018-19975, CVE-2018-19976)

It was discovered that YARA's macho_parse_file() function would generate an out-of-bounds memory access error when parsing a specially crafted Mach-O file. A remote attacker could possibly use this issue to cause YARA to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-19648)

It was discovered that YARA's macho.c implementation contained several overflow reads, which could be triggered when parsing specially crafted Mach-O files. A remote attacker could possibly use this issue to cause YARA to crash, resulting in a denial of service, or to...