5 matches found
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a segmentation violation via the expandmmacparams function in the /nasm/nasm-pp.c file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended...
SUSE CVE-2023-31972
yasm v1.3.0 was discovered to contain a use after free via the function ppgetline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the error function at /nasm/nasm-pp.c. Remediation There is no fixed version for yasm. References - GitHub Issue - PoC Credit: randomssr...
AZL-35380 CVE-2023-31972 affecting package yasm 1.3.0-17
yasm v1.3.0 was discovered to contain a use after free via the function ppgetline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...
AZL-25934 CVE-2022-44370 affecting package nasm for versions less than 2.16-1
NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856...