NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
References
Link | Resource |
---|---|
https://github.com/cyrillos/nasm/issues/3 | Exploit Third Party Advisory |
https://bugzilla.nasm.us/show_bug.cgi?id=3392507 | Exploit Issue Tracking Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-09-06 10:29
Updated : 2020-07-13 14:15
NVD link : CVE-2018-1000667
Mitre link : CVE-2018-1000667
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
nasm
- netwide_assembler