CVE-2021-3402
YARA < 4.0.4 - Integer Overflow and Buffer Over-Read via Malicious Mach-O File
Severity
CRITICAL
An integer overflow and several buffer over-reads in libyara/modules/macho/macho.c in YARA 4.0.3 and earlier allow an attacker to cause a denial of service or disclose memory contents via a malicious Mach-O file. All versions before libyara 4.0.4 are affected. The Mach-O parser runs whenever a rule that imports the macho module is matched against a file, so any service that scans untrusted input with such rules is exposed; upgrading libyara to 4.0.4 or later is the fix.
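The bug class described above, as an added illustration (this is not YARA's macho.c and not code from the X41 advisory): a Mach-O load-command walker in its naive form, which reads each command header before checking that it fits and computes `offset + cmdsize` in 32-bit arithmetic so a cmdsize near 4 GiB wraps and passes the bounds check, beside a hardened walker that derives the remaining byte count by subtraction and rejects truncated, oversized and zero-length commands. The struct layouts follow mach-o/loader.h; the sample images, the BUF_CAP padding, the 48-byte FILE_SIZE, the status codes and all function names are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Mach-O 64-bit header and load-command prefix (layout as in mach-o/loader.h),
   declared inline so the example builds on any little-endian host. */
#define MH_MAGIC_64 0xfeedfacfu

typedef struct {
    uint32_t magic, cputype, cpusubtype, filetype;
    uint32_t ncmds, sizeofcmds, flags, reserved;
} mach_header_64_t;

typedef struct { uint32_t cmd, cmdsize; } load_command_t;

/* Constructed sample images: FILE_SIZE bytes are "the file"; the rest of the
   buffer is zero padding so the naive walker's over-reads stay inside allocated
   memory and can be measured instead of crashing. */
#define BUF_CAP   256
#define FILE_SIZE 48

typedef enum {
    MACHO_OK = 0,
    MACHO_ERR_BAD_MAGIC,
    MACHO_ERR_TRUNCATED,          /* header or command prefix past end of file */
    MACHO_ERR_CMDSIZE_TOO_SMALL,  /* cmdsize < 8: offset would never advance  */
    MACHO_ERR_CMD_OVERRUNS_FILE   /* cmdsize larger than the bytes remaining  */
} macho_status_t;

typedef struct {
    uint32_t accepted;     /* commands the naive walker treated as in-bounds   */
    uint32_t high_water;   /* one past the highest byte offset it actually read */
    uint32_t max_cmdsize;  /* largest cmdsize it accepted                       */
} naive_result_t;

typedef struct { macho_status_t status; uint32_t parsed; } checked_result_t;

/* Naive walker (the bug class, not YARA's code): the command prefix is read
   before any size check, and `off + cmdsize` is 32-bit arithmetic. */
naive_result_t walk_naive(const uint8_t *buf, uint32_t size) {
    naive_result_t r = { 0, sizeof(mach_header_64_t), 0 };
    mach_header_64_t hdr;
    memcpy(&hdr, buf, sizeof hdr);
    uint32_t off = sizeof(mach_header_64_t);
    for (uint32_t i = 0; i < hdr.ncmds; i++) {
        load_command_t lc;
        memcpy(&lc, buf + off, sizeof lc);          /* may read past size      */
        if (off + sizeof lc > r.high_water) r.high_water = (uint32_t)(off + sizeof lc);
        uint32_t end = off + lc.cmdsize;            /* wraps modulo 2^32       */
        if (end > size) break;                      /* does not fire on a wrap */
        r.accepted++;
        if (lc.cmdsize > r.max_cmdsize) r.max_cmdsize = lc.cmdsize;
        off = end;                                  /* cmdsize 0: no progress  */
    }
    return r;
}

/* Hardened walker: `remaining` is computed by subtraction (off <= size is a
   loop invariant), so no addition can overflow, every read is preceded by a
   check against it, and a cmdsize below the prefix size is rejected. */
checked_result_t walk_checked(const uint8_t *buf, size_t size) {
    checked_result_t r = { MACHO_OK, 0 };
    if (size < sizeof(mach_header_64_t)) { r.status = MACHO_ERR_TRUNCATED; return r; }
    mach_header_64_t hdr;
    memcpy(&hdr, buf, sizeof hdr);
    if (hdr.magic != MH_MAGIC_64) { r.status = MACHO_ERR_BAD_MAGIC; return r; }
    size_t off = sizeof(mach_header_64_t);
    for (uint32_t i = 0; i < hdr.ncmds; i++) {
        size_t remaining = size - off;
        if (remaining < sizeof(load_command_t)) { r.status = MACHO_ERR_TRUNCATED; return r; }
        load_command_t lc;
        memcpy(&lc, buf + off, sizeof lc);
        if (lc.cmdsize < sizeof(load_command_t)) { r.status = MACHO_ERR_CMDSIZE_TOO_SMALL; return r; }
        if (lc.cmdsize > remaining) { r.status = MACHO_ERR_CMD_OVERRUNS_FILE; return r; }
        off += lc.cmdsize;                          /* stays <= size           */
        r.parsed++;
    }
    return r;
}

/* Constructed image: valid header claiming `ncmds` commands, one command
   prefix at offset 32 with the given cmdsize, zeros everywhere else. */
static void build_sample(uint8_t *buf, uint32_t ncmds, uint32_t cmdsize) {
    mach_header_64_t hdr = { MH_MAGIC_64, 0, 0, 2 /* MH_EXECUTE */, ncmds, cmdsize, 0, 0 };
    load_command_t lc = { 0x1b /* LC_UUID, arbitrary here */, cmdsize };
    memset(buf, 0, BUF_CAP);
    memcpy(buf, &hdr, sizeof hdr);
    memcpy(buf + sizeof hdr, &lc, sizeof lc);
}

naive_result_t run_naive(uint32_t ncmds, uint32_t cmdsize) {
    uint8_t buf[BUF_CAP];
    build_sample(buf, ncmds, cmdsize);
    return walk_naive(buf, FILE_SIZE);
}

checked_result_t run_checked(uint32_t ncmds, uint32_t cmdsize) {
    uint8_t buf[BUF_CAP];
    build_sample(buf, ncmds, cmdsize);
    return walk_checked(buf, FILE_SIZE);
}

int main(void) {
    struct { const char *name; uint32_t ncmds, cmdsize; } cases[] = {
        { "valid: one 16-byte command",          1, 16 },
        { "truncated: claims 4, holds 1",        4, 16 },
        { "wrap: cmdsize 0xFFFFFFF8",            2, 0xFFFFFFF8u },
        { "no progress: cmdsize 0",              3, 0 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        naive_result_t n = run_naive(cases[i].ncmds, cases[i].cmdsize);
        checked_result_t c = run_checked(cases[i].ncmds, cases[i].cmdsize);
        printf("%-32s naive: accepted=%u high_water=%u max_cmdsize=0x%x | checked: status=%d parsed=%u\n",
               cases[i].name, n.accepted, n.high_water, n.max_cmdsize, (int)c.status, c.parsed);
    }
    return 0;
}
```

The truncated image makes the naive walker read 8 bytes past the 48-byte file (high_water 56) while accepting every claimed command; the wrapped cmdsize is accepted as in-bounds because 32 + 0xFFFFFFF8 wraps to 40; and a zero cmdsize parks the loop on the same command for ncmds iterations, which with a large ncmds is a denial of service on its own. The hardened walker returns a distinct status for each case and never dereferences beyond `size`.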
References (5)
Fedora package-announce (Mailing List, Third Party Advisory, vendor advisory): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXM224OLGI6KAOROLDPPGGCZ2OQVQ6HH/
Fedora package-announce (Mailing List, Third Party Advisory, vendor advisory): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKNXSH5ERG6NELTXCYVJLUPJJJ2TNEBD/
Red Hat Bugzilla 1930175 (Issue Tracking, Third Party Advisory): https://bugzilla.redhat.com/show_bug.cgi?id=1930175
oss-security post, 2021-01-29 (Exploit, Mailing List, Third Party Advisory): https://www.openwall.com/lists/oss-security/2021/01/29/2
X41 D-Sec advisory X41-2021-001 (Exploit, Third Party Advisory): https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/
Scores
CVSS v3
9.1
EPSS
0.0222
EPSS Percentile
80.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (3)
fedoraproject/fedora
33
fedoraproject/fedora
34
virustotal/yara
< 4.0.4
Published
May 14, 2021
Tracked Since
Feb 18, 2026