Bug 635358 (CVE-2017-10686, CVE-2017-14228) - <dev-lang/nasm-2.13.02: Multiple vulnerabilities
Summary: <dev-lang/nasm-2.13.02: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-10686, CVE-2017-14228
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on: 670884
Blocks:
Reported: 2017-10-24 20:11 UTC by GLSAMaker/CVETool Bot
Modified: 2019-03-28 02:12 UTC

See Also:
Package list:
Runtime testing required: ---


Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-24 20:11:24 UTC
CVE-2017-14228 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14228):
  In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in
  the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It
  will lead to remote denial of service.

CVE-2017-11111 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11111):
  In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to
  cause a denial of service (heap-based buffer overflow and application crash)
  or possibly have unspecified other impact via a crafted file.

CVE-2017-10686 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10686):
  In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free
  vulnerabilities in the tool nasm. The related heap is allocated in the
  token() function and freed in the detoken() function (called by
  pp_getline()) - it is used again at multiple positions later that could
  cause multiple damages. For example, it causes a corrupted double-linked
  list in detoken(), a double free or corruption in delete_Token(), and an
  out-of-bounds write in detoken(). It has a high possibility to lead to a
  remote code execution attack.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2019-03-28 02:12:34 UTC
This issue was resolved and addressed in
 GLSA 201903-19 at https://security.gentoo.org/glsa/201903-19
by GLSA coordinator Aaron Bauman (b-man).