PT-2020-5676 · Netwide Assembler+1 · Nasm+1
Published
2020-08-03
·
Updated
2022-09-02
·
CVE-2020-24978
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NASM version 2.15.04rc3
Description
The issue is related to a double-free vulnerability in the
pp tokline function of the asm/preproc.c file in the NASM assembler for x86 architecture. This vulnerability can be exploited by a remote attacker to gain access to confidential data, compromise data integrity, and cause a denial of service.Recommendations
For NASM version 2.15.04rc3, update to a version that includes the fix from commit 8806c3ca007b84accac21dd88b900fb03614ceb7 to resolve the issue.
Exploit
Fix
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Nasm