CVE-2014-9130

libyaml: assert failure when processing wrapped strings

Severity Score

5.3

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

scanner.c en LibYAML 0.1.5 y 0.1.6, utilizado en el módulo YAML-LibYAML (también conocido como YAML-XS) para Perl, permite a atacantes dependientes de contexto causar una denegación de servicio (fallo de aserción y caída) a través de vectores que involucran la envoltura de líneas (line-wrapping).

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-11-28 CVE Reserved
2014-12-08 CVE Published
2024-08-06 CVE Updated
2024-08-06 First Exploit
2025-04-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation
CWE-617: Reachable Assertion

CAPEC

References (33)

URL	Tag	Source
http://advisories.mageia.org/MGASA-2014-0508.html	X_refsource_confirm
http://linux.oracle.com/errata/ELSA-2015-0100.html	X_refsource_confirm
http://secunia.com/advisories/59947	Third Party Advisory
http://secunia.com/advisories/60944	Third Party Advisory
http://secunia.com/advisories/62164	Third Party Advisory
http://secunia.com/advisories/62174	Third Party Advisory
http://secunia.com/advisories/62176	Third Party Advisory
http://secunia.com/advisories/62705	Third Party Advisory
http://secunia.com/advisories/62723	Third Party Advisory
http://secunia.com/advisories/62774	Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/11/28/8	Mailing List
http://www.openwall.com/lists/oss-security/2014/11/29/3	Mailing List
http://www.securityfocus.com/bid/71349	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/99047	Vdb Entry
https://puppet.com/security/cve/cve-2014-9130	X_refsource_confirm

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2014/11/28/1	2024-08-06
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2	2024-08-06
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure	2024-08-06

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html	2017-12-09
http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html	2017-12-09
http://rhn.redhat.com/errata/RHSA-2015-0100.html	2017-12-09
http://rhn.redhat.com/errata/RHSA-2015-0112.html	2017-12-09
http://rhn.redhat.com/errata/RHSA-2015-0260.html	2017-12-09
http://www.debian.org/security/2014/dsa-3102	2017-12-09
http://www.debian.org/security/2014/dsa-3103	2017-12-09
http://www.debian.org/security/2014/dsa-3115	2017-12-09
http://www.mandriva.com/security/advisories?name=MDVSA-2014:242	2017-12-09
http://www.mandriva.com/security/advisories?name=MDVSA-2015:060	2017-12-09
http://www.ubuntu.com/usn/USN-2461-1	2017-12-09
http://www.ubuntu.com/usn/USN-2461-2	2017-12-09
http://www.ubuntu.com/usn/USN-2461-3	2017-12-09
https://access.redhat.com/security/cve/CVE-2014-9130	2015-02-23
https://bugzilla.redhat.com/show_bug.cgi?id=1169369	2015-02-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Pyyaml Search vendor "Pyyaml"		Libyaml Search vendor "Pyyaml" for product "Libyaml"				0.1.5 Search vendor "Pyyaml" for product "Libyaml" and version "0.1.5"		-		Affected
Pyyaml Search vendor "Pyyaml"		Libyaml Search vendor "Pyyaml" for product "Libyaml"				0.1.6 Search vendor "Pyyaml" for product "Libyaml" and version "0.1.6"		-		Affected