CVE-2018-10016

Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
nasmnetwide_assembler
2.14:rc0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nasm
bullseye
2.15.05-1
fixed
stretch
no-dsa
jessie
no-dsa
wheezy
no-dsa
bookworm
2.16.01-1
fixed
sid
2.16.03-1
fixed
trixie
2.16.03-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nasm
noble
needed
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needed
impish
ignored
hirsute
ignored
groovy
ignored
focal
needed
eoan
ignored
disco
not-affected
cosmic
ignored
bionic
needed
xenial
needed
trusty
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392473
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392473