CVE-2022-44370

Опубликовано: 02 окт. 2022

Источник: redhat

CVSS3: 7.1

EPSS Низкий

Описание

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

A heap-based buffer overflow flaw was found in nasm's quote_for_pmake() function in asm/nasm.c file. This flaw allows a local attacker to pass a specially crafted malicious input file, causing an application to halt or crash, leading to a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	nasm	Out of support scope
Red Hat Enterprise Linux 7	nasm	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122->CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=2193052nasm: heap buffer overflow in quote_for_pmake() in asm/nasm.c

EPSS

Процентиль: 19%

0.0006

Низкий

7.1 High

CVSS3

Связанные уязвимости

CVE-2022-44370

CVSS3: 7.8

ubuntu

почти 3 года назад

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

CVE-2022-44370

CVSS3: 7.8

nvd

почти 3 года назад

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

CVE-2022-44370

CVSS3: 7.8

msrc

почти 3 года назад

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

CVE-2022-44370

CVSS3: 7.8

debian

почти 3 года назад

NASM v2.16 was discovered to contain a heap buffer overflow in the com ...

GHSA-5hm2-2whx-4749

CVSS3: 7.8

github

почти 3 года назад

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

EPSS

Процентиль: 19%

0.0006

Низкий

7.1 High

CVSS3