Latest nasm netwide assembler Vulnerabilities

CVE-2023-38668
Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).
Nasm Netwide Assembler=2.16
CVE-2023-38667
Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.
Nasm Netwide Assembler=2.16
CVE-2023-38665
Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).
Nasm Netwide Assembler=2.16-rc0
CVE-2022-29654
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
Nasm Netwide Assembler<2.15.05
CVE-2020-21687
Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
Nasm Netwide Assembler=2.15-rc0
CVE-2020-21685
Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
Nasm Netwide Assembler=2.15-rc0
CVE-2020-21686
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
Nasm Netwide Assembler<2.15.04
CVE-2020-18780
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
Nasm Netwide Assembler=2.14.02
CVE-2020-21528
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
Nasm Netwide Assembler=2.14.03-rc2
Nasm Netwide Assembler=2.15
CVE-2023-31722
There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).
Nasm Netwide Assembler=2.16.02-rc1
CVE-2022-44368
NASM v2.16 was discovered to contain a null pointer deference in the NASM component
Nasm Netwide Assembler=2.16
Nasm Netwide Assembler=2.16-rc0
Nasm Netwide Assembler=2.16-rc10
Nasm Netwide Assembler=2.16-rc11
Nasm Netwide Assembler=2.16-rc12
Nasm Netwide Assembler=2.16-rc4
and 5 more
CVE-2022-44369
NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.
Nasm Netwide Assembler=2.16
Nasm Netwide Assembler=2.16-rc0
Nasm Netwide Assembler=2.16-rc10
Nasm Netwide Assembler=2.16-rc11
Nasm Netwide Assembler=2.16-rc12
Nasm Netwide Assembler=2.16-rc4
and 5 more
CVE-2022-44370
NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856
Nasm Netwide Assembler<2.16
Nasm Netwide Assembler=2.16-rc1
CVE-2022-46457
NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.
Nasm Netwide Assembler=2.16-rc1
Nasm Netwide Assembler=2.16-rc10
Nasm Netwide Assembler=2.16-rc11
Nasm Netwide Assembler=2.16-rc2
Nasm Netwide Assembler=2.16-rc3
Nasm Netwide Assembler=2.16-rc4
and 5 more
CVE-2022-46456
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.
Nasm Netwide Assembler=2.16
Nasm Netwide Assembler=2.16-rc10
Nasm Netwide Assembler=2.16-rc11
Nasm Netwide Assembler=2.16-rc12
Nasm Netwide Assembler=2.16-rc4
Nasm Netwide Assembler=2.16-rc5
and 5 more
CVE-2022-41420
nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component
Nasm Netwide Assembler=2.16-rc0
CVE-2021-33450
An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.
Nasm Netwide Assembler=2.16-rc0
CVE-2021-33452
An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.
Nasm Netwide Assembler=2.16-rc0
CVE-2021-45256
A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.
Nasm Netwide Assembler=2.16-rc0
CVE-2021-45257
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.
Nasm Netwide Assembler=2.16-rc0
CVE-2020-18974
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.
Nasm Netwide Assembler>=2.15<=2.15.05
CVE-2020-24241
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
Nasm Netwide Assembler=2.15-rc10
CVE-2020-24242
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
Nasm Netwide Assembler=2.15-rc10
CVE-2019-20352
In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.
Nasm Netwide Assembler=2.15-rc0
CVE-2019-20334
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (an...
Nasm Netwide Assembler=2.14.02
CVE-2019-14248
In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.
Nasm Netwide Assembler>=2.14<=2.14.02
CVE-2019-8343
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
Nasm Netwide Assembler=2.14.02
CVE-2019-7147
Nasm Netwide Assembler=2.14-rc16
CVE-2019-6290
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bex...
Nasm Netwide Assembler<=2.14.02
CVE-2019-6291
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself i...
Nasm Netwide Assembler<=2.14.02
CVE-2018-20538
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests.
Nasm Netwide Assembler=2.14.0-rc16
CVE-2018-20535
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.
Nasm Netwide Assembler=2.14.0-rc16
CVE-2018-1000886
nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This att...
Nasm Netwide Assembler=2.14.01rc5
Nasm Netwide Assembler=2.15
CVE-2018-19755
There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conver...
Nasm Netwide Assembler=12.14-rc16
CVE-2018-19214
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
Nasm Netwide Assembler=12.14-rc15
Redhat Enterprise Linux=5.0
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
CVE-2018-19215
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
Nasm Netwide Assembler=12.14-rc16
Redhat Enterprise Linux=5.0
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
CVE-2018-19209
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack.
Nasm Netwide Assembler=2.14.0-rc15
CVE-2018-16999
Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file.
Nasm Netwide Assembler=12.14-rc15
CVE-2018-16517
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
Nasm Netwide Assembler<=2.13.03
Nasm Netwide Assembler=2.14-rc15
Nasm Netwide Assembler=2.14.0-rc1
Nasm Netwide Assembler=2.14.0-rc10
Nasm Netwide Assembler=2.14.0-rc11
Nasm Netwide Assembler=2.14.0-rc12
and 10 more
CVE-2018-1000667
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm....
Nasm Netwide Assembler<=2.14.0
Nasm Netwide Assembler=2.14.0-rc1
Nasm Netwide Assembler=2.14.0-rc10
Nasm Netwide Assembler=2.14.0-rc11
Nasm Netwide Assembler=2.14.0-rc12
Nasm Netwide Assembler=2.14.0-rc13
and 10 more
CVE-2018-16382
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.
Nasm Netwide Assembler=2.14-rc15

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203