PT-2023-2366 · Unknown+2 · Netwide Assembler+2

13579And24680

Publicado

2023-03-29

Atualizado

2024-12-16

CVE-2022-44370

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Netwide Assembler (NASM) version 2.16

Description The issue is related to a heap buffer overflow in the quote for pmake() function of the Netwide Assembler (NASM). This overflow can occur due to the operation exceeding the memory buffer boundaries. Exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For Netwide Assembler (NASM) version 2.16, consider disabling the quote for pmake() function as a temporary workaround until a patch is available.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2023-1613

ALT-PU-2024-16552

ALT-PU-2024-16908

AZL-25934

BDU:2023-02141

CVE-2022-44370

OESA-2023-1245

Produtos afetados

Alt Linux

Debian

Netwide Assembler

PT-2023-2366 · Unknown+2 · Netwide Assembler+2

CVE-2022-44370

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19