NASM: Multiple Vulnerabilities

Background NASM is a 80x86 assembler that has been created for portability and modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It also supports a wide range of objects formats ELF, a.out, COFF, etc, and has its own disassembler. Description Multiple vulnerabilities have been...

ROS-20230914-04

A vulnerability in the nasm assembler involves copying to a buffer without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...

ROS-20230825-06

A vulnerability in the Yasm assembler is related to null pointer dereferencing in /libyasm/intnum.c and /elf/elf.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...

CVE-2023-38668

Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service crash...

DEBIAN-CVE-2023-38665

Null pointer dereference in ieeewritefile in nasm 2.16rc0 allows attackers to cause a denial of service crash...

DEBIAN-CVE-2020-21687

Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file...

DEBIAN-CVE-2020-21686

A stack-use-after-scope issue discovered in expandmmacparams function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file...

UBUNTU-CVE-2022-29654

Buffer overflow vulnerability in quoteforpmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file...

UBUNTU-CVE-2023-38667

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service...

Nasm 缓冲区错误漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in Nasm version 2.15rc0, which stems from a buffer overflow vulnerability in the stdscan.c scanning function...

nasm 缓冲区错误漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in nasm version 2.16, which stems from a stack-based buffer over-reading issue in disasm...

nasm 缓冲区错误漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in nasm version 2.16, which stems from a stack-based buffer over-reading issue in disasm functions...

PT-2023-11507 · Nasm +2 · Nasm +2

Name of the Vulnerable Software and Affected Versions: nasm version 2.14.02 Description: A Use After Free issue in the new Token function in asm/preproc.c allows attackers to cause a denial of service via a crafted nasm command. Recommendations: For nasm version 2.14.02, consider disabling the ne...

PT-2023-5264 · Netwide Assembler +3 · Nasm +3

Name of the Vulnerable Software and Affected Versions: nasm versions prior to 2.15.05 Description: The issue is related to a buffer overflow vulnerability in the quote for pmake function in asm/nasm.c of the Netwide Assembler NASM. This vulnerability can be exploited by attackers to cause a denia...

ATasm 缓冲区错误漏洞

ATasm is a command line cross assembler for the 6502 microprocessor. A security vulnerability exists in ATasm version 1.09 due to a buffer overflow vulnerability in the function aprintf...

yasm 安全漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in yasm v1.3.0, which stems from a post-release reuse issue in the function yasmintnumcopy in /nasm/nasm-pp.c. The vulnerability is caused by the use of the function yasmintnumcopy...

yasm 缓冲区错误漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A buffer error vulnerability exists in yasm v1.3.0, which stems from a heap overflow in the function handledotlabel...

yasm 缓冲区错误漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A buffer error vulnerability exists in yasm version 1.3.0.55.g101bc, which stems from the discovery of a contained stack overflow vulnerability via the parseexpr5 function in /nasm/nasm-parse.c...

OESA-2023-1245 nasm security update

NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. It also provides tools in RDOFF binary format, includes linker, library manager, loader, and information dump. Security Fixes...

Shoggoth - Asmjit Based Polymorphic Encryptor

Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. Since the content of the output is...