CVE-2022-46456Classic Buffer Overflow in Netwide Assembler

CWE-120Classic Buffer Overflow6 documents6 sources
Severity
6.1MEDIUMNVD
EPSS
0.0%
top 85.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Nasm Netwide AssemblerDebian NasmMsrc Azl3 Nasm 2.16.01-1 ON Azure Linux 3.0+5 more
Timeline
PublishedJan 4
Latest updateJan 10

Description

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages8 packages

debiandebian/nasm
NVDnasm/netwide_assembler2.16, 2.16.01+1

🔴Vulnerability Details

2
OSV
CVE-2022-46456: NASM v22023-01-04
GHSA
GHSA-cj3v-jx6q-7pw2: NASM v22023-01-04

📋Vendor Advisories

3
Microsoft
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.2023-01-10
Red Hat
nasm: buffer overflow in dbgdbg_typevalue() in output/outdbg.c2022-10-02
Debian
CVE-2022-46456: nasm - NASM v2.16 was discovered to contain a global buffer overflow in the component d...2022