Debian Nasm vulnerabilities

CVE-2020-24978 [CRITICAL] CVE-2020-24978: nasm - In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/prepr... In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-21686 [MEDIUM] CVE-2020-21686: nasm - A stack-use-after-scope issue discovered in expand_mmac_params function in prepr... A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fix

CVE-2020-21685 [MEDIUM] CVE-2020-21685: nasm - Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc... Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-18974 [MEDIUM] CVE-2020-18974: nasm - Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a... Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2020-21687 [MEDIUM] CVE-2020-21687: nasm - Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allo... Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-18780 [MEDIUM] CVE-2020-18780: nasm - A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.... A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-24241 [MEDIUM] CVE-2020-24241: nasm - In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes... In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-24242 [MEDIUM] CVE-2020-24242: nasm - In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/p... In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1)

CVE-2020-21528 [MEDIUM] CVE-2020-21528: nasm - A Segmentation Fault issue discovered in in ieee_segment function in outieee.c i... A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. Scope: local bookworm: resolved (fixed in 2.16.01-1) bullseye: open forky: resolved (fixed in 2.16.01-1) sid: resolved (fixed in 2.16.01-1) trixie: resolved (fixed in 2.16.01-1)

CVE-2019-14248 [MEDIUM] CVE-2019-14248: nasm - In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL poi... In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. Scope: local bookworm: resolved (fixed in 2.15.02-1) bullseye: resolved (fixed in 2.15.02-1) forky: resolved (fixed in 2.15.02-1) sid: resolved (fixed in 2.15.02-1) trixie: resol

CVE-2019-7147 [MEDIUM] CVE-2019-7147: nasm - A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwi... A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2019-6290 [MEDIUM] CVE-2019-6290: nasm - An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM)... An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

CVE-2019-20352 [HIGH] CVE-2019-20352: nasm - In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a... In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in 2.15.04-1

CVE-2019-8343 [HIGH] CVE-2019-8343: nasm - In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens i... In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2019-6291 [MEDIUM] CVE-2019-6291: nasm - An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NA... An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

CVE-2019-20334 [MEDIUM] CVE-2019-20334: nasm - In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions... In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-19216 [HIGH] CVE-2018-19216: nasm - Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/p... Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in 2.13.02-0.1)

CVE-2018-10254 [HIGH] CVE-2018-10254: nasm - Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm f... Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixe

CVE-2018-10016 [MEDIUM] CVE-2018-10016: nasm - Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the exp... Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-16382 [MEDIUM] CVE-2018-16382: nasm - Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)