libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
[
{
"target": {
"function": "test_re",
"file": "tests/test-rules.c"
},
"digest": {
"length": 11827.0,
"function_hash": "6675730886640864820263708902328675953"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-078b1519"
},
{
"target": {
"file": "libyara/scan.c"
},
"digest": {
"line_hashes": [
"298678278890016177094226792384841465972",
"115030241433889253518193458123014473689",
"329308889560649217400728530026458512797",
"144553008709708727182860129965294085591",
"33508348889715872939576877659060235605",
"314757613728239886576175251272018315851",
"203652821191717897634077684506596455426",
"192980430375982696898103606860225765902",
"33508348889715872939576877659060235605",
"314757613728239886576175251272018315851",
"203652821191717897634077684506596455426",
"192980430375982696898103606860225765902",
"127858277739664915076606262077831201687",
"80062374424305076488952636591543206775",
"100732343066072604303822883868109074611",
"243767082347591346401845423856184963015"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-8294-17db7816"
},
{
"target": {
"file": "libyara/include/yara/re.h"
},
"digest": {
"line_hashes": [
"324949792560091756224163064057242897528",
"990241639781909245954774255435332669",
"240278386194186106605376045912427372554",
"129405104233856687665178532077183749764",
"263764413210481694627368840791889946042",
"174235008852535607116325528137993283975",
"58626142807329644705997517255860667771",
"105565019056886738521006211235579263192",
"196043980291925173933474761435055756966",
"195071231783080398217433514423522632471",
"329308889560649217400728530026458512797",
"144553008709708727182860129965294085591",
"242886544882867689198425636031964037381",
"195071231783080398217433514423522632471",
"329308889560649217400728530026458512797",
"144553008709708727182860129965294085591"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-8294-4daf94ea"
},
{
"target": {
"file": "libyara/exec.c"
},
"digest": {
"line_hashes": [
"180564530272520500841657061280812406658",
"200922995584183858963552054136959670898",
"168061866531480460254684823910370652781",
"111090251000905298206509196838076097638"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-8294-5bc983ea"
},
{
"target": {
"function": "yr_execute_code",
"file": "libyara/exec.c"
},
"digest": {
"length": 16439.0,
"function_hash": "165468636708465699324538963672363383940"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-96bc484e"
},
{
"target": {
"function": "yr_re_exec",
"file": "libyara/re.c"
},
"digest": {
"length": 453.0,
"function_hash": "325700773811560424275481412306906264612"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-96bd0e6a"
},
{
"target": {
"function": "yr_re_fast_exec",
"file": "libyara/re.c"
},
"digest": {
"length": 2051.0,
"function_hash": "4404120521763609504453440516522151956"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-98003b09"
},
{
"target": {
"function": "_yr_scan_verify_re_match",
"file": "libyara/scan.c"
},
"digest": {
"length": 1838.0,
"function_hash": "265961797797799156796351398842118643067"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-a0796555"
},
{
"target": {
"file": "libyara/re.c"
},
"digest": {
"line_hashes": [
"241366568729611624624022607543917496947",
"324559293588523416768677789583550751772",
"122922926922472298041466322947265388981",
"533649957322013738915299173030457068",
"73822230118914005020770311543615119375",
"267864666699287602689238538541756316282",
"148870870899111847726785039237130289936",
"209466726100908626563047141659268919172",
"151005180672490946819730002055313426159",
"105859359658497366019523385213633238124",
"337217937618060313209329346888372268416",
"37344990670557435908305717466962995631",
"174535657706961513648427489092409908066",
"36559690329152894837656704777699997515",
"232489525937333331244503081164622122612",
"322191154173932016472806497002574798400",
"91681304792694860967171270600793554193",
"68097493210211348514976142997465835397",
"99508096745715448066323683380637843706",
"222526003185754935196357196136287164809",
"250452398146489839829183429070985844416",
"140153630525003331000688340470894382221",
"241941844351731381922610925712209783839",
"207162341577842318400253818010533357206",
"331199787879423806112989559613632894695",
"123987039347623281882015354539969323922",
"270369247435248227945771090020155204298",
"136192629700681405768062240853484640893",
"116684391864681439292654961317477755833",
"219702664201708272468475557382273167636",
"301037335226467119571012702732354811460",
"254609235829469923468720525880475740132",
"6094149510542793034466122956456286079",
"313812679611682147896260217852352141037",
"243478308062012895747573509807475634354",
"77306802129883414777774724013077665047",
"223233284889212244933693536320397889365",
"85040000024345694496848398617662549978",
"1925653159542210003455987985801292831",
"203917981864325181107905027008846683857",
"246210722743053313675899371608708253478",
"58783605126494420613308885907958202384",
"244871419703628979080711017871778113074",
"182647278537149965209809650945122896644",
"126592461572800946076905427353122963747",
"110952916795834918278603992630436552448",
"62514565655805028738559144036225859841",
"319136761567998098077232334373697801320",
"304516014916137576515973097634812987653",
"270943291890008906227244831202284217519",
"104407386398230498763482309560193485464",
"103124530587428009616080768515827741915",
"325309378010001227833882753550236167972",
"337282328068026804977894540569574942280",
"20931924149146114303411948276210413214",
"300834964599588132910400858127997209433",
"192205976304746755609406438443759636172",
"136772147437818869960976981098493465236",
"103312179413043108691204721178859460661",
"332283545045183256085521351369403931302",
"269856177471760743896289580766546510498",
"80580666463073115143524854730803131732",
"338947368611214957654629208141613964572",
"104134672885863993494194296993726339594",
"250041296964640594470259883688681747951",
"245372383392056323485177660471937525741",
"82733044043760978696377446524291757273",
"224726084876571947542372595037729752389",
"225511163003317523505822399757672260167",
"10872588922842629893523926310876502650",
"305091299493058380286184578413638178434",
"70276389452508131041653516212511751727",
"332619034012376505103646112713490166147",
"262468665153036193293192641175730336773",
"272464119822889454928326694148928200172",
"102598108211638039192909526500270918608",
"199829095667202790620946831276043160454",
"176944035512671495963257243521818864528",
"82506525885206685399255386229587881221",
"81536050965043434535507410334172773911",
"174535657706961513648427489092409908066",
"36559690329152894837656704777699997515",
"206179536687940786403570257822367295093",
"126869526521501282529998833147720998793",
"207802719318217699549539142363039891440",
"194637426577345688911795327200019297316"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-8294-a6faf0b0"
},
{
"target": {
"function": "yr_re_match",
"file": "libyara/re.c"
},
"digest": {
"length": 182.0,
"function_hash": "161365621626890638326663483567351548484"
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-8294-c9407ad0"
},
{
"target": {
"file": "tests/test-rules.c"
},
"digest": {
"line_hashes": [
"80661261998876771924755785928395759780",
"184951613192694374090990382388338348325",
"319530050382063885941508709592605701336"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/virustotal/yara/commit/83d799804648c2a0895d40a19835d9b757c6fa4e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-8294-d9178f17"
}
]