CVE-2023-29581

Name of the Vulnerable Software and Affected Versions yasm version 1.3.0.55.g101bc

Description The issue is related to a segmentation violation in the delete Token function at modules/preprocs/nasm/nasm-pp.c. Although this could potentially make a libyasm application unavailable if exploited, the vendor considers it to have no security relevance due to expected input validation or sandboxing.

Recommendations For yasm version 1.3.0.55.g101bc, consider applying input validation before data reaches libyasm or ensure the application runs in a sandbox to minimize potential impact. As a temporary workaround, consider restricting access to the delete Token function until a more permanent solution is available.