EUVD-2020-10694

Malware in sbrugna...

A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.

...

In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.

...

CVE-2020-18780

A Use After Free vulnerability in function newToken in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command...

CVE-2020-18780

A Use After Free vulnerability in function newToken in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command...

Design/Logic Flaw

A Use After Free vulnerability in function newToken in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command...

CVE-2020-18780

A Use After Free vulnerability in function newToken in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command...

OPENSUSE-SU-2020:0954-1 Security update for nasm

This update for nasm fixes the following issues: nasm was updated to version 2.14.02. This allows building of Mozilla Firefox 78ESR and also contains lots of bugfixes, security fixes and improvements. Fix crash due to multiple errors or warnings during the code generation pass if a list file is...

Security update for nasm (moderate)

openSUSE Security Update: Security update for nasm Announcement ID: openSUSE-SU-2020:0954-1 Rating: moderate References: 1084631 1086186 1086227 1086228 1090519 1090840 1106878 1107592 1107594 1108404 1115758 1115774 1115795 1173538 Cross-References: CVE-2018-1000667 CVE-2018-10016 CVE-2018-10254...

SUSE-SU-2020:1843-1 Security update for nasm

This update for nasm fixes the following issues: nasm was updated to version 2.14.02. This allows building of Mozilla Firefox 78ESR and also contains lots of bugfixes, security fixes and improvements. Fix crash due to multiple errors or warnings during the code generation pass if a list file is...

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

NASM: Multiple vulnerabilities

Background NASM is a 80x86 assembler that has been created for portability and modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It also supports a wide range of objects formats ELF, a.out, COFF, etc, and has its own disassembler. Description Multiple vulnerabilities have been...

CVE-2019-8343

CVE-2019-8343 affects NASM 2.14.02, with a use-after-free in paste_tokens (asm/preproc.c). Public docs confirm the NASM issue and link it to unpatched/legacy deployments (e.g., Gentoo GLSA 202312-09 notes upgrading to NASM >= 2.16.01). Impact details in sources describe potential denial of ser...

CVE-2019-8343

In Netwide Assembler NASM 2.14.02, there is a use-after-free in pastetokens in asm/preproc.c...

PT-2019-18977 · Netwide +2 · Netwide Assembler +2

Name of the Vulnerable Software and Affected Versions: Netwide Assembler NASM version 2.14.02 Description: The issue is related to a use-after-free in the paste tokens function located in asm/preproc.c. This indicates a memory management problem where memory is accessed after it has been freed,...