libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 15.1X53-D590 |