PT-2023-22318 · Yasm+1 · Yasm+1

Z1R00

Publicado

2023-04-24

Atualizado

2025-05-16

CVE-2023-29579

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions yasm version 1.3.0.55.g101bc

Description A stack overflow issue was discovered in yasm via the component yasm/yasm+0x43b466 in vsprintf. This issue has been disputed by third parties, arguing it is a bug rather than a security issue due to yasm being a standalone program not designed to run untrusted code.

Recommendations For yasm version 1.3.0.55.g101bc, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2023-29579

OESA-2025-1526

Produtos afetados

Debian

Yasm

PT-2023-22318 · Yasm+1 · Yasm+1

CVE-2023-29579

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15