CVE-2018-16382Out-of-bounds Read in Nasm

CWE-125Out-of-bounds Read8 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 63.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
NasmDebian NasmNasm Netwide Assembler
Timeline
PublishedSep 3
Latest updateMay 13

Description

Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

debiandebian/nasm< nasm 2.14-1 (bookworm)
Debiannasm/nasm< 2.14-1+3

🔴Vulnerability Details

2
GHSA
GHSA-9474-965h-2x3p: Netwide Assembler (NASM) 22022-05-13
OSV
CVE-2018-16382: Netwide Assembler (NASM) 22018-09-03

📋Vendor Advisories

3
Ivanti
Ivanti Security Advisory: CVE-2019-163822020-03-19
Red Hat
nasm: buffer over-read in x86/regflags.c allows for crash via crafted file2018-08-03
Debian
CVE-2018-16382: nasm - Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.2018

💬Community

2
Bugzilla
CVE-2018-16382 nasm: buffer over-read in x86/regflags.c allows for crash via crafted file2018-09-04
Bugzilla
CVE-2018-16382 nasm: buffer over-read in x86/regflags.c allows for crash via crafted file [fedora-all]2018-09-04