Netwide Assembler (nasm) through version 2.13 is vulnerable to a stack-based buffer over-read in the disasm/disasm.c:disasm() function. An attacker could exploit this to cause a crash or other unspecified impact via a crafted ELF file. Reproducible: Always