Debian Nasm vulnerabilities

CVE-2025-8845 [MEDIUM] CVE-2025-8845: nasm - A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affe... A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open tri

CVE-2025-8843 [MEDIUM] CVE-2025-8843: nasm - A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the fun... A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: op

CVE-2025-8846 [MEDIUM] CVE-2025-8846: nasm - A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the... A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-8842 [MEDIUM] CVE-2025-8842: nasm - A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by thi... A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2025-8844 [MEDIUM] CVE-2025-8844: nasm - A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerabil... A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open trixie

CVE-2023-31722 [HIGH] CVE-2023-31722: nasm - There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-38668 [MEDIUM] CVE-2023-38668: nasm - Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a ... Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-38667 [MEDIUM] CVE-2023-38667: nasm - Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to... Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-38665 [MEDIUM] CVE-2023-38665: nasm - Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to ... Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-44369 [MEDIUM] CVE-2022-44369: nasm - NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via outpu... NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-44368 [MEDIUM] CVE-2022-44368: nasm - NASM v2.16 was discovered to contain a null pointer deference in the NASM compon... NASM v2.16 was discovered to contain a null pointer deference in the NASM component Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-46456 [MEDIUM] CVE-2022-46456: nasm - NASM v2.16 was discovered to contain a global buffer overflow in the component d... NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-29654 [MEDIUM] CVE-2022-29654: nasm - Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.... Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. Scope: local bookworm: resolved (fixed in 2.16.01-1) bullseye: open forky: resolved (fixed in 2.16.01-1) sid: resolved (fixed in 2.16.01-1) trixie: resolved (fixed in 2.16.01-1)

CVE-2022-41420 [MEDIUM] CVE-2022-41420: nasm - nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-46457 [MEDIUM] CVE-2022-46457: nasm - NASM v2.16 was discovered to contain a segmentation violation in the component i... NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-44370 [HIGH] CVE-2022-44370: nasm - NASM v2.16 was discovered to contain a heap buffer overflow in the component quo... NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Scope: local bookworm: resolved (fixed in 2.16.01-1) bullseye: open forky: resolved (fixed in 2.16.01-1) sid: resolved (fixed in 2.16.01-1) trixie: resolved (fixed in 2.16.01-1)

CVE-2021-45257 [MEDIUM] CVE-2021-45257: nasm - An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens func... An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-45256 [MEDIUM] CVE-2021-45256: nasm - A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc... A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-33452 [MEDIUM] CVE-2021-33452: nasm - An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_... An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-33450 [MEDIUM] CVE-2021-33450: nasm - An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_... An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open