Fabre

#918269 nasm: CVE-2018-20538 #918269

Package:: src:nasm

Source:: nasm

Submitter:: Salvatore Bonaccorso

Date:: 2020-12-31 17:45:21 UTC

Severity:: important

Tags:

#918269#5

Date:: 2019-01-04 20:21:09 UTC

From:

To:

Hi,

The following vulnerability was published for nasm.

CVE-2018-20538[0]:
| There is a use-after-free at asm/preproc.c (function pp_getline) in
| Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service
| during certain finishes tests.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-20538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20538
[1] https://bugzilla.nasm.us/show_bug.cgi?id=3392531

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

#918269 nasm: CVE-2018-20538 #918269

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)