VDB-99229 · CVE-2016-10210 · BID 98077

YARA 3.5.0 libyara/lexer.l yy_get_next_buffer null pointer dereference

A vulnerability has been found in YARA 3.5.0 and classified as problematic. Affected by this vulnerability is the function yy_get_next_buffer of the file libyara/lexer.l. The manipulation leads to null pointer dereference. The CWE definition for the vulnerability is CWE-476. The bug was discovered 12/06/2016. The weakness was shared 04/03/2017 as FEDORA-2017-11ac1e31eb (GitHub Repository). The advisory is shared at github.com. This vulnerability is known as CVE-2016-10210. The attack can be launched remotely. Technical details are available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 118 days. We expect the 0-day to have been worth approximately $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 99743 (Fedora 25 : yara (2017-11ac1e31eb)), which helps to determine the existence of the flaw in a target environment. The commercial vulnerability scanner Qualys is able to test this issue with plugin 276739 (Fedora Security Update for yara (FEDORA-2017-5c55ef46ee)). The bugfix is ready for download at github.com. It is recommended to upgrade the affected component. A possible mitigation has been published 4 weeks after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 98077) and Tenable (99743).

Field04/03/2017 04:53 PM11/24/2022 04:28 PM11/24/2022 04:36 PM
nameYARAYARAYARA
version3.5.03.5.03.5.0
filelibyara/lexer.llibyara/lexer.llibyara/lexer.l
functionyy_get_next_bufferyy_get_next_bufferyy_get_next_buffer
discoverydate148098240014809824001480982400
cwe476 (null pointer dereference)476 (null pointer dereference)476 (null pointer dereference)
risk111
cvss2_vuldb_basescore5.05.05.0
cvss2_vuldb_tempscore3.93.93.9
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciNNN
cvss2_nvd_iiNNN
cvss2_nvd_aiPPP
cvss3_meta_basescore6.46.46.4
cvss3_meta_tempscore5.66.16.1
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore4.74.74.7
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cNNN
cvss3_nvd_iNNN
cvss3_nvd_aHHH
date1491177600 (04/03/2017)1491177600 (04/03/2017)1491177600 (04/03/2017)
locationGitHub RepositoryGitHub RepositoryGitHub Repository
urlhttps://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4https://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4https://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4
confirm_urlhttps://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4https://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4https://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4
price_0day$0-$5k$0-$5k$0-$5k
nameUpgradeUpgradeUpgrade
date1493424000 (04/29/2017)1493424000 (04/29/2017)1493424000 (04/29/2017)
cveCVE-2016-10210CVE-2016-10210CVE-2016-10210
cve_assigned1486425600 (02/07/2017)1486425600 (02/07/2017)1486425600 (02/07/2017)
cve_nvd_published149117760014911776001491177600
cve_nvd_summarylibyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
osvdb_titleCVE-2016-10210 - YARA - Denial of Service IssueCVE-2016-10210 - YARA - Denial of Service IssueCVE-2016-10210 - YARA - Denial of Service Issue
securityfocus980779807798077
securityfocus_date1491177600 (04/03/2017)1491177600 (04/03/2017)1491177600 (04/03/2017)
securityfocus_classDesign ErrorDesign ErrorDesign Error
securityfocus_titleYARA 'yy_get_next_buffer()' Function Denial of Service VulnerabilityYARA 'yy_get_next_buffer()' Function Denial of Service VulnerabilityYARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
nessus_id997439974399743
nessus_nameFedora 25 : yara (2017-11ac1e31eb)Fedora 25 : yara (2017-11ac1e31eb)Fedora 25 : yara (2017-11ac1e31eb)
nessus_filenamefedora_2017-11ac1e31eb.naslfedora_2017-11ac1e31eb.naslfedora_2017-11ac1e31eb.nasl
nessus_riskMediumMediumMedium
nessus_familyFedora Local Security ChecksFedora Local Security ChecksFedora Local Security Checks
nessus_typelocallocallocal
nessus_date1493596800 (05/01/2017)1493596800 (05/01/2017)1493596800 (05/01/2017)
openvas_id867773867773867773
openvas_filenamegb_fedora_2017_9941306740_yara_fc24.naslgb_fedora_2017_9941306740_yara_fc24.naslgb_fedora_2017_9941306740_yara_fc24.nasl
openvas_titleFedora Update for yara FEDORA-2017-9941306740Fedora Update for yara FEDORA-2017-9941306740Fedora Update for yara FEDORA-2017-9941306740
openvas_familyFedora Local Security ChecksFedora Local Security ChecksFedora Local Security Checks
qualys_id276739276739276739
qualys_titleFedora Security Update for yara (FEDORA-2017-5c55ef46ee)Fedora Security Update for yara (FEDORA-2017-5c55ef46ee)Fedora Security Update for yara (FEDORA-2017-5c55ef46ee)
seealso99230 99244 99245 100634 10124199230 99244 99245 100634 10124199230 99244 99245 100634 101241
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcUCUCUC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcUUU
reaction_days262626
0day_days118118118
exposure_days262626
cvss3_nvd_basescore7.57.57.5
identifier3119b232c9c453c98d8fa8b6ae4e37ba18117cd4FEDORA-2017-11ac1e31eb
patch_urlhttps://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4https://github.com/VirusTotal/yara/commit/3119b232c9c453c98d8fa8b6ae4e37ba18117cd4
cvss2_nvd_basescore5.05.0

Do you know our Splunk app?

Download it now for free!