Red Hat Bugzilla – Bug 1459012
CVE-2017-9438 yara: Stack consumption via a crafted rule mishandled in the _ur_re_emit function
Last modified: 2017-06-06 02:49:11 EDT
libyara/re.c in the regexp module in YARA 3.5.0 allows attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
Created yara tracking bugs for this issue:
Affects: epel-6 [bug 1459013]