Debian Nasm vulnerabilities

73 known vulnerabilities affecting debian/nasm.

Total CVEs
73
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH6MEDIUM12LOW52

Vulnerabilities

Page 4 of 4
CVE-2017-17817MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17817 [MEDIUM] CVE-2017-17817: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in a... In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in 2.13.02-0.1)
debian
CVE-2017-17816MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17816 [MEDIUM] CVE-2017-17816: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in ... In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in 2.13.02-0.1)
debian
CVE-2017-17810MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17810 [MEDIUM] CVE-2017-17810: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that w... In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed i
debian
CVE-2017-17814MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17814 [MEDIUM] CVE-2017-17814: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive i... In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixie: resolved (fixed in 2.13.02-0.1)
debian
CVE-2017-17815MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17815 [MEDIUM] CVE-2017-17815: nasm - In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mm... In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed
debian
CVE-2017-17813MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17813 [MEDIUM] CVE-2017-17813: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_on... In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed i
debian
CVE-2017-17819MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17819 [MEDIUM] CVE-2017-17819: nasm - In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the f... In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.
debian
CVE-2017-17820MEDIUMCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-17820 [MEDIUM] CVE-2017-17820: nasm - In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_ma... In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-
debian
CVE-2017-14228LOWCVSS 5.5fixed in nasm 2.13.02-0.1 (bookworm)2017
CVE-2017-14228 [MEDIUM] CVE-2017-14228: nasm - In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the f... In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. Scope: local bookworm: resolved (fixed in 2.13.02-0.1) bullseye: resolved (fixed in 2.13.02-0.1) forky: resolved (fixed in 2.13.02-0.1) sid: resolved (fixed in 2.13.02-0.1) trixi
debian
CVE-2008-2719LOWCVSS 6.8PoCfixed in nasm 2.03.01-1 (bookworm)2008
CVE-2008-2719 [MEDIUM] CVE-2008-2719: nasm - Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) ... Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow. Scope: local bookworm: resolved (fixed in 2.03.01-1) bullseye: resolved (fixed in 2.03.01-1) forky: resolved (fixe
debian
CVE-2008-7177LOWCVSS 6.8fixed in nasm 2.03.01-1 (bookworm)2008
CVE-2008-7177 [MEDIUM] CVE-2008-7177: nasm - Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01... Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. Scope: local bookworm: resolved (fixed in 2.03.01-1) bullseye: resolved (fixed in 2.03.01-1) forky: resolved (fixed in 2.03.01-1) sid: resolved (fixed in 2.03.01-1) trixie: resolved (fixed in 2.03.01-1)
debian
CVE-2005-1194CRITICALCVSS 10.0fixed in nasm 0.98.38-1.2 (bookworm)2005
CVE-2005-1194 [CRITICAL] CVE-2005-1194: nasm - Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earl... Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. Scope: local bookworm: resolved (fixed in 0.98.38-1.2) bullseye: resolved (fixed in 0.98.38-1.2) forky: resolved (fixed in 0.98.38-1.2) sid: resolved (fixed in 0.98.38-1.2)
debian
CVE-2004-1287CRITICALCVSS 10.0PoCfixed in nasm 0.98.38-1.1 (bookworm)2004
CVE-2004-1287 [CRITICAL] CVE-2004-1287: nasm - Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows a... Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. Scope: local bookworm: resolved (fixed in 0.98.38-1.1) bullseye: resolved (fixed in 0.98.38-1.1) forky: resolved (fixed in 0.98.38-1.1) sid: resolved (fixed in 0.98.38-1.1) trixie: res
debian
← Previous4 / 4