Design/Logic Flaw

2018-12-2021:29:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.1%

JSON

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file.

CPENameOperatorVersion
netwide_assemblereq2.15
netwide_assemblereq2.14.1-rc5

CPE	Name	Operator	Version
	netwide_assembler	eq	2.15
	netwide_assembler	eq	2.14.1-rc5

References

bugzilla.nasm.us/show_bug.cgi?id=3392514