Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 686722 (CVE-2019-6290, CVE-2019-6291)

Summary: dev-lang/nasm: multiple vulnerabilities
Product: Gentoo Security Reporter: D'juan McDonald (domhnall) <flopwiki>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: UNCONFIRMED ---    
Severity: normal CC: ajak, crummyreeve, kripton, matthew, proxy-maint, puzzlingcoalore, trunnelshine
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A3 [upstream]
Package list:
Runtime testing required: ---

Description D'juan McDonald (domhnall) 2019-05-25 08:05:08 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2019-6290):
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

Reference: https://bugzilla.nasm.us/show_bug.cgi?id=3392548


(https://nvd.nist.gov/vuln/detail/CVE-2019-6291):
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

Reference: https://bugzilla.nasm.us/show_bug.cgi?id=3392549

Gentoo Security Padawan
(domhnall)
Comment 1 Ronald Hampton 2024-07-08 07:28:26 UTC Comment hidden (spam)
Comment 2 Herman Gibbs 2024-08-13 02:38:10 UTC Comment hidden (spam)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2024-09-22 04:33:10 UTC
Where are the fixes?
Comment 4 Loretta Peterson 2024-10-08 03:30:41 UTC
(In reply to D'juan McDonald (domhnall) from comment #0)
> (https://nvd.nist.gov/vuln/detail/CVE-2019-6290):
> An infinite recursion issue was discovered in eval.c in Netwide Assembler
> (NASM) through 2.14.02. There is a stack exhaustion problem resulting from
> infinite recursion in the functions expr, rexp, bexpr and cexpr in certain
> scenarios involving lots of '{' characters. Remote attackers could leverage
> this vulnerability to cause a denial-of-service via a crafted asm file.
> 
> Reference: https://bugzilla.nasm.us/show_bug.cgi?id=3392548 https://bitlifesimulator.io/
> 
> 
> (https://nvd.nist.gov/vuln/detail/CVE-2019-6291):
> An issue was discovered in the function expr6 in eval.c in Netwide Assembler
> (NASM) through 2.14.02. There is a stack exhaustion problem caused by the
> expr6 function making recursive calls to itself in certain scenarios
> involving lots of '!' or '+' or '-' characters. Remote attackers could
> leverage this vulnerability to cause a denial-of-service via a crafted asm
> file.
> 
> Reference: https://bugzilla.nasm.us/show_bug.cgi?id=3392549
> 
> Gentoo Security Padawan
> (domhnall)

Vulnerability Description: This issue occurs due to infinite recursion in the expr, rexp, bexpr, and cexpr functions when parsing a large number of { characters in a crafted assembly file. This could lead to a denial-of-service (DoS) attack by exhausting the stack, causing the assembler to crash.