CVE-2020-24242 — NULL Pointer Dereference in Nasm

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 66.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 25

Latest updateMay 24

Description

In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶debiandebian/nasm< nasm 2.15.04-1 (bookworm)

▶Debiannasm/nasm< 2.15.04-1+3

GHSA

GHSA-v9xp-6r7f-273p: In Netwide Assembler (NASM) 2↗2022-05-24

▶

OSV

CVE-2020-24242: In Netwide Assembler (NASM) 2↗2020-08-25

▶

Red Hat

nasm: segmentation fault in tok_text function in asm/preproc.c by accessing read memory↗2020-07-28

▶

Debian

CVE-2020-24242: nasm - In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/p...↗2020

▶

Bugzilla

CVE-2020-24242 nasm: segmentation fault in tok_text function in asm/preproc.c by accessing read memory↗2020-08-26

▶

Bugzilla

CVE-2020-24242 nasm: segmentation fault in tok_text function in asm/preproc.c by accessing read memory [fedora-all]↗2020-08-26

▶