JLSEC-2026-587

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacparams in modules/preprocs/nasm/nasm-pp.c...

[SECURITY] Fedora 44 Update: nasm-3.01-3.fc44

NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax...

Astra Linux - уязвимость в nasm

There is a use-after-free in asm/preproc.c function ppgetline in Netwide Assembler NASM 2.14rc16, which will cause a denial of service during a line-number increment attempt...

Astra Linux - уязвимость в nasm

In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs due to a malicious .asm file during the call to settextfree from expandonesmacro in asm/preproc.c...

Astra Linux - уязвимость в nasm

In libnasm.a of Netwide Assembler NASM 2.14.xx, asm/pragma.c allows for a NULL pointer dereferencing in processpragma, searchpragmalist, and nasmsetlimit when "%pragma limit" is mishandled...

Astra Linux - уязвимость в nasm

There is an illegal address access in asm/preproc.c function: ismmacro within Netwide Assembler NASM 2.14rc16. This issue may lead to a denial of service due to out-of-bounds array access, as a certain conversion can result in a negative integer...

Ubuntu 22.04 LTS / 24.04 LTS : NASM vulnerabilities (USN-8248-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8248-1 advisory. Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this iss...

USN-8248-1 nasm vulnerabilities

Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this issue to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-31722 It was discovered that NASM incorrectly...

JLSEC-2026-203

NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856...

JLSEC-2026-204

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbgtypevalue at /output/outdbg.c...

JLSEC-2026-199

Buffer Overflow in Netwide Assembler NASM v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147...

Linux Distros Unpatched Vulnerability : CVE-2026-6069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NASM's disasm function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when slen...

SUSE CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

SUSE CVE-2026-6069

NASM's disasm function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when slen exceeds the buffer capacity...

EUVD-2026-21378

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to insufficient bounds checking in the objdirective function. An attacker can cause heap memory corruption, application crash, or execute arbitrary code by submitting a specially crafted .asm file...

CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

CVE-2026-6068

NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...

CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

UBUNTU-CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...