Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 686720 (CVE-2019-8343) - <dev-lang/nasm-2.16.01: use-after-free in paste_tokens in asm/preproc.c
Summary: <dev-lang/nasm-2.16.01: use-after-free in paste_tokens in asm/preproc.c
Status: RESOLVED FIXED
Alias: CVE-2019-8343
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://bugzilla.nasm.us/show_bug.cgi...
Whiteboard: A2 [glsa+]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-05-25 07:52 UTC by D'juan McDonald (domhnall)
Modified: 2023-12-22 12:13 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-05-25 07:52:09 UTC 
(https://nvd.nist.gov/vuln/detail/CVE-2019-8343):
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.


Gentoo Security Padawan
(domhnall)
Comment 1 Hans de Graaff gentoo-dev Security 2023-10-17 16:00:52 UTC 
According to the upstream bug this should be fixed in nasm 2.16.01. Please clean up the vulnerable version 2.15.05.
Comment 2 Larry the Git Cow gentoo-dev 2023-10-22 14:34:40 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9d1d1dd861423b9661e29d048de111f7d5034738

commit 9d1d1dd861423b9661e29d048de111f7d5034738
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2023-10-22 14:33:38 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2023-10-22 14:34:35 +0000

    dev-lang/nasm: drop 2.15.05
    
    Bug: https://bugs.gentoo.org/686720
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 dev-lang/nasm/Manifest            |  1 -
 dev-lang/nasm/nasm-2.15.05.ebuild | 53 ---------------------------------------
 2 files changed, 54 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-10-23 04:21:56 UTC 
> According to the upstream bug this should be fixed in nasm 2.16.01

But the bug is still open and there's no confirmation of a fix by the reporter, do we trust it?
Comment 4 Matthew Smith gentoo-dev 2023-10-25 07:47:00 UTC 
The poc no longer triggers a use-after-free crash with asan, but none of the changes in the git log or release notes mention the upstream bug or CVE.

The history of preproc.c is quite exciting to read through: https://github.com/netwide-assembler/nasm/commits/master/asm/preproc.c
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-10-28 21:47:56 UTC 
> The history of preproc.c is quite exciting to read through

Gross :(

But I'll trust the determination of the maintainer here, then. Thanks!
Comment 6 Larry the Git Cow gentoo-dev 2023-12-22 12:11:59 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=9f9ee310bf6c4ebf26d43ff75e027e27f23beb80

commit 9f9ee310bf6c4ebf26d43ff75e027e27f23beb80
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-12-22 12:11:31 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-12-22 12:11:54 +0000

    [ GLSA 202312-09 ] NASM: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/686720
    Bug: https://bugs.gentoo.org/903755
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202312-09.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)