CVE-2023-38667 — Out-of-bounds Read in Netwide Assembler

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 94.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 22

Description

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

GHSA

GHSA-w79x-2j59-hh47: Stack-based buffer over-read in function disasm in nasm 2↗2023-08-22

▶

OSV

CVE-2023-38667: Stack-based buffer over-read in function disasm in nasm 2↗2023-08-22

▶

Debian

CVE-2023-38667: nasm - Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to...↗2023

▶

Red Hat

nasm: stack-based buffer overflow in disasm()↗2022-09-21

▶