CVE-2019-14248

Name of the Vulnerable Software and Affected Versions Netwide Assembler (NASM) versions 2.14.xx

Description The issue is related to a NULL pointer dereference in the libnasm.a component of the Netwide Assembler (NASM). This can be triggered when the "%pragma limit" is mishandled, specifically in the process pragma, search pragma list, and nasm set limit functions. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations For Netwide Assembler (NASM) versions 2.14.xx, consider avoiding the use of the "%pragma limit" directive until a patch is available. As a temporary workaround, restrict the use of the affected functions process pragma, search pragma list, and nasm set limit to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.