CVE-2022-46456

Опубликовано: 02 окт. 2022

Источник: redhat

CVSS3: 6.1

EPSS Низкий

Описание

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

A buffer over-read was found in NASM. The issue occurs when a specially crafted file is processed by NASM when using the dbg output file format, causing the application to crash and disclose a limited amount of information.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	nasm	Out of support scope
Red Hat Enterprise Linux 7	nasm	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2160807nasm: buffer overflow in dbgdbg_typevalue() in output/outdbg.c

EPSS

Процентиль: 19%

0.00058

Низкий

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2022-46456

CVSS3: 6.1

ubuntu

около 3 лет назад

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVE-2022-46456

CVSS3: 6.1

nvd

около 3 лет назад

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVE-2022-46456

CVSS3: 6.1

msrc

5 месяцев назад

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVE-2022-46456

CVSS3: 6.1

debian

около 3 лет назад

NASM v2.16 was discovered to contain a global buffer overflow in the c ...

GHSA-cj3v-jx6q-7pw2

CVSS3: 7.8

github

около 3 лет назад

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

EPSS

Процентиль: 19%

0.00058

Низкий

6.1 Medium

CVSS3