PT-2018-9822 · Netwide+1 · Netwide Assembler+1

Dongliang Mu

Publicado

2018-04-24

Atualizado

2020-07-31

CVE-2018-10316

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Netwide Assembler (NASM) version 2.14rc0

Description: The issue is caused by an integer overflow in the globallineno variable, resulting in an endless while loop in the assemble file function of asm/nasm.c.

Recommendations: For Netwide Assembler (NASM) version 2.14rc0, consider applying a patch to fix the integer overflow issue in the globallineno variable to prevent the endless while loop in the assemble file function.

Exploit

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

CVE-2018-10316

MGASA-2020-0303

OPENSUSE-SU-2020:0952-1

OPENSUSE-SU-2020:0954-1

OPENSUSE-SU-2020_0952-1

OPENSUSE-SU-2020_0954-1

SUSE-SU-2020:1843-1

Produtos afetados

Netwide Assembler

Suse

PT-2018-9822 · Netwide+1 · Netwide Assembler+1

CVE-2018-10316

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 75