CVE-2021-45257Infinite Loop in Netwide Assembler

CWE-835Infinite Loop5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 48.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nasm Netwide AssemblerDebian Nasm
Timeline
PublishedDec 22
Latest updateDec 23

Description

An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

debiandebian/nasm

🔴Vulnerability Details

2
GHSA
GHSA-wjg5-gfx4-4qv2: An infinite loop vulnerability exists in nasm 22021-12-23
OSV
CVE-2021-45257: An infinite loop vulnerability exists in nasm 22021-12-22

📋Vendor Advisories

2
Red Hat
nasm: Infinite loop via the paste_tokens function2021-12-22
Debian
CVE-2021-45257: nasm - An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens func...2021