
Bug 810423 (CVE-2020-18974, CVE-2021-33450, CVE-2021-33452, CVE-2021-45256, CVE-2021-45257, CVE-2022-29654, CVE-2022-41420, CVE-2022-44368, CVE-2022-44369, CVE-2022-46456, CVE-2022-46457, CVE-2023-31722, CVE-2023-38665, CVE-2023-38667, CVE-2023-38668)

Summary: dev-lang/nasm: multiple vulnerabilities
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: CONFIRMED
Severity: minor
CC: kripton, matthew
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugzilla.nasm.us/show_bug.cgi?id=3392568
Whiteboard: B3 [upstream]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-08-25 19:25:25 UTC
CVE-2020-18974:

Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.

Upstream issue is currently untouched.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-23 08:35:31 UTC
CVE-2021-45256 (https://bugzilla.nasm.us/show_bug.cgi?id=3392789):

A Null Pointer Dereference vulnerability exists in nasm 2.16rc0 via asm/preproc.c.

CVE-2021-45257 (https://bugzilla.nasm.us/show_bug.cgi?id=3392790):

An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.

Can't tell if there's been any action taken upstream as their Bugzilla seems to be down.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-27 03:46:18 UTC
CVE-2021-33450 (https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d):
https://bugzilla.nasm.us/show_bug.cgi?id=3392758

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.

CVE-2021-33452 (https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d):
https://bugzilla.nasm.us/show_bug.cgi?id=3392757

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-04 20:43:33 UTC
CVE-2022-41420 (https://bugzilla.nasm.us/show_bug.cgi?id=3392810):

nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component.
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-05 03:13:04 UTC
CVE-2022-46456 (https://bugzilla.nasm.us/show_bug.cgi?id=3392814):

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVE-2022-46457 (https://bugzilla.nasm.us/show_bug.cgi?id=3392809):

NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.

The first one is untouched by upstream, the second was closed without any comment.
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-04 04:07:46 UTC
CVE-2022-44368 (https://bugzilla.nasm.us/show_bug.cgi?id=3392820):

NASM v2.16 was discovered to contain a null pointer dereference in the NASM component.

CVE-2022-44369 (https://bugzilla.nasm.us/show_bug.cgi?id=3392819):

NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.
Comment 6 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-19 02:50:02 UTC
CVE-2023-31722 (https://bugzilla.nasm.us/show_bug.cgi?id=3392857#c1):

There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-25 18:38:34 UTC
CVE-2022-29654 (https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/):
https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f

Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.

No upstream report? A comment on the referenced gist claims this is a duplicate of CVE-2022-44370.

CVE-2023-38668 (https://bugzilla.nasm.us/show_bug.cgi?id=3392811):

Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).

CVE-2023-38667 (https://bugzilla.nasm.us/show_bug.cgi?id=3392812):

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.

These are untouched by upstream.

CVE-2023-38665 (https://bugzilla.nasm.us/show_bug.cgi?id=3392818):

Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).

This one has been closed without comment.