5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
29.8%
nasm is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the ieee_segment
function in the outieee.c
file. The function is responsible for writing floating-point numbers to an output file. The vulnerability occurs when the function fails to properly check the size of the buffer that is used to store the floating-point number. This can cause the function to access memory that it is not supposed to access, resulting in a segmentation fault.