A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function yaml_emitter_emit_flow_sequence_item of the file /src/libyaml/src/emitter.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. https://drive.google.com/drive/folders/1lwNEs8wqwkUV52f3uQNYMPrxRuXPtGQs?usp=sharing https://vuldb.com/?ctiid.259052 https://vuldb.com/?id.259052 https://vuldb.com/?submit.304561
Created R-yaml tracking bugs for this issue: Affects: fedora-all [bug 2272891] Created ghc-yaml tracking bugs for this issue: Affects: epel-all [bug 2272890] Created libyaml tracking bugs for this issue: Affects: fedora-all [bug 2272892] Created python-ruamel-yaml-clib tracking bugs for this issue: Affects: fedora-all [bug 2272893]
It seems that it's not actually a vulnerability in libyaml but a bug or misuse of libyaml in the fuzzer. They will probably try to reject the CVE. Analysis: https://github.com/yaml/libyaml/issues/258#issuecomment-2058613931 Issues for oss-fuzz: https://github.com/google/oss-fuzz/issues/11811 https://github.com/google/oss-fuzz/issues/11786
Also upstream has rejected this CVE: https://github.com/yaml/libyaml/issues/258#issuecomment-2063497383 Avinash what's the next steps? Can we remove the trackers and the bugs?