CVE-2023-31975

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions yasm version 1.3.0

Description The issue is related to a memory leak in the yasm intnum copy function of the YASM assembler. This memory leak occurs due to the lack of memory release after its effective term of service. Exploitation of this issue could allow an attacker to cause a denial of service.

Recommendations For yasm version 1.3.0, consider disabling the yasm intnum copy function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALT-PU-2024-10794

AZL-26632

AZL-35383

BDU:2024-06865

CVE-2023-31975

OESA-2023-1543

OESA-2023-1544

OESA-2024-1062

OESA-2024-1064

OESA-2024-1131

OESA-2024-1132

Affected Products

Alt Linux

Debian

Red Os

Yasm

CVE-2023-31975

Weakness Enumeration

Related Identifiers

Affected Products

References · 49