PT-2023-9348 · Yasm+3 · Yasm+3

Randomssr

·

Publicado

2023-05-09

·

Atualizado

2026-03-29

·

CVE-2023-31975

CVSS v3.1

3.3

Baixa

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions yasm version 1.3.0
Description The issue is related to a memory leak in the yasm intnum copy function of the YASM assembler. This memory leak occurs due to the lack of memory release after its effective term of service. Exploitation of this issue could allow an attacker to cause a denial of service.
Recommendations For yasm version 1.3.0, consider disabling the yasm intnum copy function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401

Identificadores relacionados

ALT-PU-2024-10794
AZL-26632
AZL-35383
BDU:2024-06865
CVE-2023-31975
OESA-2023-1543
OESA-2023-1544
OESA-2024-1062
OESA-2024-1064
OESA-2024-1131
OESA-2024-1132

Produtos afetados

Alt Linux
Debian
Red Os
Yasm