CVE-2020-21686

Name of the Vulnerable Software and Affected Versions nasm versions prior to 2.15.04

Description A stack-use-after-scope issue was discovered in the expand mmac params function in preproc.c, allowing remote attackers to cause a denial of service via a crafted asm file. This issue affects the nasm software and can be exploited by sending a specially crafted file to the affected system.

Recommendations For versions prior to 2.15.04, update to version 2.15.04 or later to resolve the issue. As a temporary workaround, consider restricting access to the preproc.c component or the expand mmac params function until a patch is available.