CVE-2023-31975 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.3 LOW	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CISA-ADP	ADP	3.3 LOW	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Affected Products (NVD)

Vendor	Product	Version
yasm_project	yasm	1.3.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

yasm

bookworm	unimportant
bullseye	unimportant
sid	unimportant
trixie	unimportant

Ubuntu Releases

Ubuntu Product

Codename

yasm

bionic	not-affected
focal	not-affected
jammy	not-affected
kinetic	ignored
lunar	ignored
mantic	ignored
noble	not-affected
trusty	ignored
xenial	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-401 - Missing Release of Memory after Effective Lifetime
The software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References

http://www.openwall.com/lists/oss-security/2023/06/20/6

http://www.openwall.com/lists/oss-security/2023/06/21/10

http://www.openwall.com/lists/oss-security/2023/06/21/13

http://www.openwall.com/lists/oss-security/2023/06/21/2

http://www.openwall.com/lists/oss-security/2023/06/21/5

http://www.openwall.com/lists/oss-security/2023/06/21/7

http://www.openwall.com/lists/oss-security/2023/06/21/8

http://www.openwall.com/lists/oss-security/2023/06/21/9

http://www.openwall.com/lists/oss-security/2023/06/22/1

http://www.openwall.com/lists/oss-security/2023/06/22/3

http://www.openwall.com/lists/oss-security/2023/06/22/6

http://www.openwall.com/lists/oss-security/2023/06/23/1

http://www.openwall.com/lists/oss-security/2023/06/23/2

http://www.openwall.com/lists/oss-security/2023/06/23/4

http://www.openwall.com/lists/oss-security/2023/06/23/8

http://www.openwall.com/lists/oss-security/2023/06/23/9

http://www.openwall.com/lists/oss-security/2023/06/24/1

https://github.com/yasm/yasm/issues/210

http://www.openwall.com/lists/oss-security/2023/06/20/6

http://www.openwall.com/lists/oss-security/2023/06/21/10

http://www.openwall.com/lists/oss-security/2023/06/21/13

http://www.openwall.com/lists/oss-security/2023/06/21/2

http://www.openwall.com/lists/oss-security/2023/06/21/5

http://www.openwall.com/lists/oss-security/2023/06/21/7

http://www.openwall.com/lists/oss-security/2023/06/21/8

http://www.openwall.com/lists/oss-security/2023/06/21/9

http://www.openwall.com/lists/oss-security/2023/06/22/1

http://www.openwall.com/lists/oss-security/2023/06/22/3

http://www.openwall.com/lists/oss-security/2023/06/22/6

http://www.openwall.com/lists/oss-security/2023/06/23/1

http://www.openwall.com/lists/oss-security/2023/06/23/2

http://www.openwall.com/lists/oss-security/2023/06/23/4

http://www.openwall.com/lists/oss-security/2023/06/23/8

http://www.openwall.com/lists/oss-security/2023/06/23/9

http://www.openwall.com/lists/oss-security/2023/06/24/1

https://github.com/yasm/yasm/issues/210