yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2186333 | |
https://github.com/yasm/yasm/blob/master/SECURITY.md | |
https://github.com/yasm/yasm/issues/216 | Exploit Issue Tracking Third Party Advisory |
https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-04-12T00:00:00
Updated: 2024-03-22T15:00:50.434455
Reserved: 2023-04-07T00:00:00
Link: CVE-2023-29581
JSON object: View
NVD Information
Status : Modified
Published: 2023-04-12T16:15:19.603
Modified: 2024-05-17T02:22:27.250
Link: CVE-2023-29581
JSON object: View
Redhat Information
No data.
CWE