CVE-2018-19216: Use After Free
First published: Mon Nov 12 2018(Updated: )
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nasm Netwide Assembler | <2.13.02 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-19216?
CVE-2018-19216 is a vulnerability in Netwide Assembler (NASM) before 2.13.02 that allows for a use-after-free in detoken at asm/preproc.c.
What is the severity of CVE-2018-19216?
CVE-2018-19216 has a severity score of 7.8, which is considered high.
Which software is affected by CVE-2018-19216?
CVE-2018-19216 affects Nasm Netwide Assembler versions up to 2.13.02 and Debian Linux versions 8.0 and 9.0.
How can I fix CVE-2018-19216?
To fix CVE-2018-19216, upgrade Netwide Assembler (NASM) to version 2.13.02 or later.
Where can I find more information about CVE-2018-19216?
You can find more information about CVE-2018-19216 at the following references: [1](http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html), [2](http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html), and [3](https://bugzilla.nasm.us/show_bug.cgi?id=3392424).
- collector/nvd-index
- vendor/nasm
- canonical/nasm netwide assembler
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0