CVE-2008-7177 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Nasm

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources

Severity

9.3CRITICALNVD

OSV6.8

EPSS

1.6%

top 18.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nasm Debian Nasm Nasm Netwide Assembler

Timeline

PublishedSep 8

Latest updateMay 14

Description

Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDnasm/netwide_assembler2.03.01

▶debiandebian/nasm< nasm 2.03.01-1 (bookworm)

▶Debiannasm/nasm< 2.03.01-1+3

🔴Vulnerability Details

GHSA

GHSA-wx92-p8m2-phh4: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2↗2022-05-14

▶

OSV

CVE-2008-7177: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2↗2009-09-08

▶

📋Vendor Advisories

Debian

CVE-2008-7177: nasm - Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01...↗2008

▶

Red Hat

nasm: listing module buffer overflow↗

▶

💬Community

Bugzilla

CVE-2008-7177 nasm: listing module buffer overflow↗2009-09-10

▶