Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-31973HistoryMay 09, 2023 - 2:15 p.m.
CVE-2023-31973
2023-05-0914:15:13
Debian Security Bug Tracker
security-tracker.debian.org
9
yasm
vulnerability
use after free
expand_mmact_params
bug
security policy
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | yasm | <= 1.3.0-4 | yasm_1.3.0-4_all.deb |
| Debian | 11 | all | yasm | <= 1.3.0-2.1 | yasm_1.3.0-2.1_all.deb |
| Debian | 999 | all | yasm | <= 1.3.0-5 | yasm_1.3.0-5_all.deb |
| Debian | 13 | all | yasm | <= 1.3.0-5 | yasm_1.3.0-5_all.deb |
Related
cvelist
cvelist
CVE-2023-31973
2023-05-09 00:00:00
prion
prion
Design/Logic Flaw
2023-05-09 14:15:00
ubuntucve
ubuntucve
CVE-2023-31973
2023-05-09 00:00:00
osv
osv
CVE-2023-31973
2023-05-09 14:15:13
vulnrichment
vulnrichment
CVE-2023-31973
2023-05-09 00:00:00
alpinelinux
alpinelinux
CVE-2023-31973
2023-05-09 14:15:13
cve
cve
CVE-2023-31973
2023-05-09 14:15:13
nvd
nvd
CVE-2023-31973
2023-05-09 14:15:13
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
Related for DEBIANCVE:CVE-2023-31973