CVE-2023-23109

EUVD-2023-27209
In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
crasm_projectcrasm
𝑥
< 1.11
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
crasm
bookworm
unimportant
bullseye
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
crasm
bionic
needed
focal
needed
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
oracular
needed
trusty
ignored
xenial
needed
Common Weakness Enumeration
References
https://github.com/WhatTheFuzz/crasm-fuzz/tree/a020ad6ad99a72ca373f7dd1aab3a61a7c87fd66/bug-floating-point-exception
https://github.com/colinbourassa/crasm/pull/7
https://github.com/WhatTheFuzz/crasm-fuzz/tree/a020ad6ad99a72ca373f7dd1aab3a61a7c87fd66/bug-floating-point-exception
https://github.com/colinbourassa/crasm/pull/7