CVE-2023-31975

2023-05-0900:00:00

ubuntu.com

memory leak

yasm v1.3.0

yasm_intnum_copy

unix

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

3.9 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

DISPUTED yasm v1.3.0 was discovered to contain a memory leak via the
function yasm_intnum_copy at /libyasm/intnum.c. Note: Multiple third
parties dispute this as a bug and not a vulnerability according to the YASM
security policy.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchyasm< anyUNKNOWN
ubuntu20.04noarchyasm< anyUNKNOWN
ubuntu22.04noarchyasm< anyUNKNOWN
ubuntu23.10noarchyasm< anyUNKNOWN
ubuntu24.04noarchyasm< anyUNKNOWN
ubuntu16.04noarchyasm< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	yasm	< any	UNKNOWN
ubuntu	20.04	noarch	yasm	< any	UNKNOWN
ubuntu	22.04	noarch	yasm	< any	UNKNOWN
ubuntu	23.10	noarch	yasm	< any	UNKNOWN
ubuntu	24.04	noarch	yasm	< any	UNKNOWN
ubuntu	16.04	noarch	yasm	< any	UNKNOWN