862112 – (CVE-2021-33454, CVE-2021-33455, CVE-2021-33456, CVE-2021-33457, CVE-2021-33458, CVE-2021-33459, CVE-2021-33460, CVE-2021-33461, CVE-2021-33462, CVE-2021-33463, CVE-2021-33464, CVE-2021-33465, CVE-2021-33466, CVE-2021-33467, CVE-2021-33468, CVE-2023-29579, CVE-2023-29580, CVE-2023-29581, CVE-2023-29582, CVE-2023-29583, CVE-2023-30402, CVE-2023-31723, CVE-2023-31724, CVE-2023-31725, CVE-2023-31972, CVE-2023-31973, CVE-2023-31974, CVE-2023-31975) dev-lang/yasm: multiple vulnerabilities

Bug 862112 (CVE-2021-33454, CVE-2021-33455, CVE-2021-33456, CVE-2021-33457, CVE-2021-33458, CVE-2021-33459, CVE-2021-33460, CVE-2021-33461, CVE-2021-33462, CVE-2021-33463, CVE-2021-33464, CVE-2021-33465, CVE-2021-33466, CVE-2021-33467, CVE-2021-33468, CVE-2023-29579, CVE-2023-29580, CVE-2023-29581, CVE-2023-29582, CVE-2023-29583, CVE-2023-30402, CVE-2023-31723, CVE-2023-31724, CVE-2023-31725, CVE-2023-31972, CVE-2023-31973, CVE-2023-31974, CVE-2023-31975) - dev-lang/yasm: multiple vulnerabilities

Summary: dev-lang/yasm: multiple vulnerabilities

Status:	CONFIRMED

Alias:	CVE-2021-33454, CVE-2021-33455, CVE-2021-33456, CVE-2021-33457, CVE-2021-33458, CVE-2021-33459, CVE-2021-33460, CVE-2021-33461, CVE-2021-33462, CVE-2021-33463, CVE-2021-33464, CVE-2021-33465, CVE-2021-33466, CVE-2021-33467, CVE-2021-33468, CVE-2023-29579, CVE-2023-29580, CVE-2023-29581, CVE-2023-29582, CVE-2023-29583, CVE-2023-30402, CVE-2023-31723, CVE-2023-31724, CVE-2023-31725, CVE-2023-31972, CVE-2023-31973, CVE-2023-31974, CVE-2023-31975

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://gist.github.com/Clingto/bb632...
Whiteboard:	??
Keywords:

Depends on:
Blocks:

Reported:	2022-07-29 16:44 UTC by John Helmert III
Modified:	2023-05-19 02:48 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-07-29 16:44:09 UTC

Variety of bugs here, none of them seem fixed.

CVE-2021-33454: https://github.com/yasm/yasm/issues/166
CVE-2021-33455: https://github.com/yasm/yasm/issues/169
CVE-2021-33456: https://github.com/yasm/yasm/issues/175
CVE-2021-33457: https://github.com/yasm/yasm/issues/171
CVE-2021-33458: https://github.com/yasm/yasm/issues/170
CVE-2021-33459: https://github.com/yasm/yasm/issues/167
CVE-2021-33460: https://github.com/yasm/yasm/issues/168
CVE-2021-33461: https://github.com/yasm/yasm/issues/161
CVE-2021-33462: https://github.com/yasm/yasm/issues/165
CVE-2021-33463: https://github.com/yasm/yasm/issues/174
CVE-2021-33464: https://github.com/yasm/yasm/issues/164
CVE-2021-33465: https://github.com/yasm/yasm/issues/173
CVE-2021-33466: https://github.com/yasm/yasm/issues/172
CVE-2021-33467: https://github.com/yasm/yasm/issues/163
CVE-2021-33468: https://github.com/yasm/yasm/issues/162

Comment 1 John Helmert III archtester

2023-04-25 23:46:17 UTC

CVE-2023-30402 (https://github.com/yasm/yasm/issues/206):

YASM v1.3.0 was discovered to contain a heap overflow via the function handle_dot_label at /nasm/nasm-token.re.

CVE-2023-29582 (https://github.com/yasm/yasm/issues/217):

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c.

CVE-2023-29583 (https://github.com/yasm/yasm/issues/218):

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c.

CVE-2023-29579 (https://github.com/yasm/yasm/issues/214):

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf.

CVE-2023-29581 (https://github.com/yasm/yasm/issues/216):

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function delete_Token at /nasm/nasm-pp.c.

CVE-2023-29580 (https://github.com/yasm/yasm/issues/215):

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.

Comment 2 John Helmert III archtester

2023-05-11 04:36:48 UTC

CVE-2023-31972 (https://github.com/yasm/yasm/issues/209):

yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c.

CVE-2023-31973 (https://github.com/yasm/yasm/issues/207):

yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c.

CVE-2023-31974 (https://github.com/yasm/yasm/issues/208):

yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c.

CVE-2023-31975 (https://github.com/yasm/yasm/issues/210):

yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.

Comment 3 John Helmert III archtester

2023-05-19 02:48:38 UTC

CVE-2023-31723 (https://github.com/yasm/yasm/issues/220):

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c.

CVE-2023-31724 (https://github.com/yasm/yasm/issues/222):

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c.

CVE-2023-31725 (https://github.com/yasm/yasm/issues/221):

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

No response to upstream issues.