CVE-2016-10210

Severity: high
Published 2017-04-03 · Modified 2026-05-13
CVSS v3: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v4: not yet in upstream
VIR risk: 7.5

Description

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. yy_get_next_buffer is the flex-generated buffer-refill routine of the rule lexer, so the crash is reached while the rule source is being tokenized, before any scanning of target data; exposure therefore depends on whether a deployment compiles rules it does not control (for example rules uploaded by users or pulled from an untrusted feed). The impact is availability only (CVSS C:N/I:N), consistent with CWE-476.

Predictions

Exploit likelihood: 83%
Patch ETA: —

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Debian Security Tracker · DFSG


CVE-2016-10210

Name: CVE-2016-10210
Description: libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs: 859821

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package   Release      Version   Status
yara (PTS)       bullseye     4.0.5-1   fixed
yara (PTS)       bookworm     4.2.3-4   fixed
yara (PTS)       trixie       4.5.2-1   fixed
yara (PTS)       forky, sid   4.5.6-1   fixed

The information below is based on the following data on fixed versions.

Package   Type     Release      Fixed Version     Urgency   Origin   Debian Bugs
yara      source   jessie       3.1.0-2+deb8u1
yara      source   (unstable)   3.5.0+dfsg-9                         859821

Notes

https://github.com/VirusTotal/yara/issues/576


OS impact

Debian: fixed in 5 releases. The version shown is the first fixed source version (the unstable fix); the releases listed carry later versions, as the PTS table above shows.

Release    Status   First fixed version
trixie     Fixed    3.5.0+dfsg-9
sid        Fixed    3.5.0+dfsg-9
forky      Fixed    3.5.0+dfsg-9
bullseye   Fixed    3.5.0+dfsg-9
bookworm   Fixed    3.5.0+dfsg-9

Application impact

Vendor       Product   Versions   Fixed
virustotal   yara      3.5.0      (not listed)

References

CWEs

CWE-476: NULL Pointer Dereference
