Debian Nasm vulnerabilities

CVE-2018-8881 [HIGH] CVE-2018-8881: nasm - Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the fun... Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in 2.13.02-0.1)

CVE-2018-8883 [HIGH] CVE-2018-8883: nasm - Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line fun... Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-20535 [MEDIUM] CVE-2018-20535: nasm - There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Asse... There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt. Scope: local bookworm: resolved (fixed in 2.15.04-1) bullseye: resolved (fixed in 2.15.04-1) forky: resolved (fixed in 2.15.04-1) sid: resolved (fixed in 2.15.04-1) trixie: resolved (fixed in

CVE-2018-1000667 [MEDIUM] CVE-2018-1000667: nasm - NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory ... NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploi

CVE-2018-19755 [MEDIUM] CVE-2018-19755: nasm - There is an illegal address access at asm/preproc.c (function: is_mmacro) in Net... There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer. Scope: local bookworm: resolved (fixed in 2.15.02-1) bullseye: resolved (fixed in 2.15.02-1) forky: resolved (fixed in 2.15.02-1)

CVE-2018-19215 [HIGH] CVE-2018-19215: nasm - Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mm... Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-20538 [MEDIUM] CVE-2018-20538: nasm - There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Asse... There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-10316 [MEDIUM] CVE-2018-10316: nasm - Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file ... Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-19213 [MEDIUM] CVE-2018-19213: nasm - Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS,... Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-19214 [HIGH] CVE-2018-19214: nasm - Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mm... Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-16517 [MEDIUM] CVE-2018-16517: nasm - asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, w... asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-8882 [HIGH] CVE-2018-8882: nasm - Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the f... Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2018-16999 [MEDIUM] CVE-2018-16999: nasm - Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation faul... Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed

CVE-2018-1000886 [MEDIUM] CVE-2018-1000886: nasm - nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/st... nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-19209 [MEDIUM] CVE-2018-19209: nasm - Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function... Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. Scope: local bookworm: resolved (fixed in 2.14-1) bullseye: resolved (fixed in 2.14-1) forky: resolved (fixed in 2.14-1) sid: resolved (fixed in 2.14-1) trixie: resolved (fixed in 2.14-1)

CVE-2017-10686 [HIGH] CVE-2017-10686: nasm - In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vuln... In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken

CVE-2017-11111 [HIGH] CVE-2017-11111: nasm - In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause ... In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed i

CVE-2017-17818 [HIGH] CVE-2017-17818: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that... In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resol

CVE-2017-17811 [HIGH] CVE-2017-17811: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that ... In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed

CVE-2017-17812 [MEDIUM] CVE-2017-17812: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in t... In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in