Ubuntu.comUB:CVE-2023-31725CVE-2023-31725
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
19.0%
yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via
the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.
References
github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/heap-use-after-free/nasm-pp.c:3878%20in%20expand_mmac_params
github.com/yasm/yasm/issues/221
launchpad.net/bugs/cve/CVE-2023-31725
nvd.nist.gov/vuln/detail/CVE-2023-31725
security-tracker.debian.org/tracker/CVE-2023-31725
www.cve.org/CVERecord?id=CVE-2023-31725
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
19.0%