Search for packages
| purl | pkg:deb/debian/nasm@2.03.01-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-11p2-zbuv-13gy
Aliases: CVE-2017-17811 |
Improper Restriction of Operations within the Bounds of a Memory Buffer In Netwide Assembler (NASM) rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. |
Affected by 11 other vulnerabilities. |
|
VCID-1g5m-abq3-kfca
Aliases: CVE-2020-24978 |
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. |
Affected by 3 other vulnerabilities. |
|
VCID-2m25-r9n5-e3cx
Aliases: CVE-2017-17810 |
Improper Input Validation In Netwide Assembler (NASM) rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. |
Affected by 11 other vulnerabilities. |
|
VCID-4d33-n3b8-syc5
Aliases: CVE-2017-17815 |
Improper Check for Unusual or Exceptional Conditions In Netwide Assembler (NASM) rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts. |
Affected by 11 other vulnerabilities. |
|
VCID-627v-gasm-xff1
Aliases: CVE-2018-19755 |
Improper Input Validation There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer. |
Affected by 3 other vulnerabilities. |
|
VCID-7gqa-ary3-hfhh
Aliases: CVE-2018-16999 |
Out-of-bounds Write Netwide Assembler (NASM) rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. |
Affected by 11 other vulnerabilities. |
|
VCID-88sf-35rq-zkav
Aliases: CVE-2019-14248 |
NULL Pointer Dereference In libnasm.a in Netwide Assembler (NASM), asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. |
Affected by 3 other vulnerabilities. |
|
VCID-a1n8-gdn1-cqg7
Aliases: CVE-2020-21685 |
Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. |
Affected by 3 other vulnerabilities. |
|
VCID-bukf-qja8-vqda
Aliases: CVE-2017-17820 |
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. |
Affected by 11 other vulnerabilities. |
|
VCID-c3x9-gwbv-7keh
Aliases: CVE-2018-10016 |
Divide By Zero Netwide Assembler (NASM) rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file. |
Affected by 11 other vulnerabilities. |
|
VCID-cq66-6jxj-fyc2
Aliases: CVE-2020-24242 |
Out-of-bounds Read In Netwide Assembler (NASM), `SEGV` can be triggered in `tok_text` in `asm/preproc.c` by accessing READ memory. |
Affected by 3 other vulnerabilities. |
|
VCID-dgdx-td8m-tbcv
Aliases: CVE-2019-20352 |
Out-of-bounds Read In Netwide Assembler (NASM) rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. |
Affected by 3 other vulnerabilities. |
|
VCID-drn8-b7p7-tqc8
Aliases: CVE-2017-14228 |
NULL Pointer Dereference In Netwide Assembler (NASM) rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. |
Affected by 11 other vulnerabilities. |
|
VCID-dtyu-u8sc-q7a4
Aliases: CVE-2017-10686 |
Use After Free In Netwide Assembler (NASM) rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack. |
Affected by 11 other vulnerabilities. |
|
VCID-eznc-tbwf-zyh8
Aliases: CVE-2018-1000667 |
Improper Restriction of Operations within the Bounds of a Memory Buffer NASM nasm-2.13.03 nasm- rc15 rc15 contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. |
Affected by 11 other vulnerabilities. |
|
VCID-f4rj-jms1-5ucd
Aliases: CVE-2018-19214 |
Out-of-bounds Read Netwide Assembler (NASM) rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. |
Affected by 11 other vulnerabilities. |
|
VCID-f539-q2gy-1ubj
Aliases: CVE-2018-19216 |
Use After Free Netwide Assembler (NASM) has a use-after-free in detoken at asm/preproc.c. |
Affected by 11 other vulnerabilities. |
|
VCID-fvu1-r8pe-wfeg
Aliases: CVE-2017-17817 |
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack. |
Affected by 11 other vulnerabilities. |
|
VCID-hntb-je1p-v3dj
Aliases: CVE-2017-17818 |
Out-of-bounds Read In Netwide Assembler (NASM) rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. |
Affected by 11 other vulnerabilities. |
|
VCID-k42g-2gh7-hybt
Aliases: CVE-2020-21687 |
Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. |
Affected by 3 other vulnerabilities. |
|
VCID-m35n-kbax-yuds
Aliases: CVE-2017-17816 |
Use After Free In Netwide Assembler (NASM) rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack. |
Affected by 11 other vulnerabilities. |
|
VCID-m8kc-xzgu-fyfh
Aliases: CVE-2018-10316 |
Integer Overflow or Wraparound Netwide Assembler (NASM) rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. |
Affected by 11 other vulnerabilities. |
|
VCID-mbcq-hctd-zye9
Aliases: CVE-2018-20535 |
Use After Free There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) rc16 that will cause a denial of service during a line-number increment attempt. |
Affected by 3 other vulnerabilities. |
|
VCID-mc7p-6e6r-eqdm
Aliases: CVE-2017-17813 |
Use After Free In Netwide Assembler (NASM) rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors. |
Affected by 11 other vulnerabilities. |
|
VCID-ngdn-wkta-s3ep
Aliases: CVE-2020-24241 |
Use After Free In Netwide Assembler (NASM) rc10, there is heap use-after-free in `saa_wbytes` in `nasmlib/saa.c.` |
Affected by 3 other vulnerabilities. |
|
VCID-nyt3-mnt2-tybx
Aliases: CVE-2017-17819 |
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. |
Affected by 11 other vulnerabilities. |
|
VCID-ptzu-snj4-gfc2
Aliases: CVE-2017-17812 |
Out-of-bounds Read In Netwide Assembler (NASM) rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. |
Affected by 11 other vulnerabilities. |
|
VCID-qbr1-ry31-8qf4
Aliases: CVE-2018-8882 |
Improper Restriction of Operations within the Bounds of a Memory Buffer Netwide Assembler (NASM) rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. |
Affected by 11 other vulnerabilities. |
|
VCID-qg3e-7rn4-mueu
Aliases: CVE-2018-16517 |
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. |
Affected by 11 other vulnerabilities. |
|
VCID-r4af-f3yb-6yb7
Aliases: CVE-2017-11111 |
Improper Restriction of Operations within the Bounds of a Memory Buffer In Netwide Assembler (NASM) rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. |
Affected by 11 other vulnerabilities. |
|
VCID-rkr7-xt8d-g7f3
Aliases: CVE-2018-8883 |
Out-of-bounds Read Netwide Assembler (NASM) rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. |
Affected by 11 other vulnerabilities. |
|
VCID-rnaz-sgn3-pyar
Aliases: CVE-2018-8881 |
Out-of-bounds Read Netwide Assembler (NASM) rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. |
Affected by 11 other vulnerabilities. |
|
VCID-rrpn-47b9-eqac
Aliases: CVE-2020-18780 |
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command. |
Affected by 3 other vulnerabilities. |
|
VCID-rt1c-v8gs-juha
Aliases: CVE-2020-21686 |
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. |
Affected by 3 other vulnerabilities. |
|
VCID-tsab-bkcw-j3gy
Aliases: CVE-2018-16382 |
Out-of-bounds Read Netwide Assembler (NASM) rc15 has a buffer over-read in x86/regflags.c. |
Affected by 11 other vulnerabilities. |
|
VCID-tvtj-uyfs-5kdn
Aliases: CVE-2017-17814 |
Use After Free In Netwide Assembler (NASM) rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. |
Affected by 11 other vulnerabilities. |
|
VCID-vdww-tqmw-nff3
Aliases: CVE-2018-10254 |
Out-of-bounds Read Netwide Assembler (NASM) has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. |
Affected by 11 other vulnerabilities. |
|
VCID-wmjb-h3jn-3fce
Aliases: CVE-2018-19215 |
Out-of-bounds Read Netwide Assembler (NASM) rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. |
Affected by 11 other vulnerabilities. |
|
VCID-xzcj-np5b-67d7
Aliases: CVE-2018-19209 |
NULL Pointer Dereference Netwide Assembler (NASM) rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. |
Affected by 11 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4r89-mg29-z7fu | Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. |
CVE-2008-7177
|
| VCID-8crf-hmct-5uf5 | Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow. |
CVE-2008-2719
|