CVE-2018-1000667
06.09.2018, 17:29
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..Enginsight
| Vendor | Product | Version |
|---|---|---|
| nasm | netwide_assembler | 𝑥 ≤ 2.14.0 |
| nasm | netwide_assembler | 2.14.0:rc1 |
| nasm | netwide_assembler | 2.14.0:rc10 |
| nasm | netwide_assembler | 2.14.0:rc11 |
| nasm | netwide_assembler | 2.14.0:rc12 |
| nasm | netwide_assembler | 2.14.0:rc13 |
| nasm | netwide_assembler | 2.14.0:rc14 |
| nasm | netwide_assembler | 2.14.0:rc15 |
| nasm | netwide_assembler | 2.14.0:rc2 |
| nasm | netwide_assembler | 2.14.0:rc3 |
| nasm | netwide_assembler | 2.14.0:rc4 |
| nasm | netwide_assembler | 2.14.0:rc5 |
| nasm | netwide_assembler | 2.14.0:rc6 |
| nasm | netwide_assembler | 2.14.0:rc7 |
| nasm | netwide_assembler | 2.14.0:rc8 |
| nasm | netwide_assembler | 2.14.0:rc9 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References