First Last Prev Next    This bug is not in your last search results.
Bug 1107592 - (CVE-2018-1000667) VUL-1: CVE-2018-1000667: nasm: Memory corruption in assemble_file() function in asm/nasm.c:482
(CVE-2018-1000667)
VUL-1: CVE-2018-1000667: nasm: Memory corruption in assemble_file() function ...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Michael Vetter
Security Team bot
https://smash.suse.de/issue/213869/
CVSSv3:SUSE:CVE-2018-1000667:2.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-09-07 06:30 UTC by Marcus Meissner
Modified: 2020-11-04 15:12 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
id:000000,sig:11,src:000101,op:havoc,rep:16 (241 bytes, application/octet-stream)
2018-09-07 06:34 UTC, Marcus Meissner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-09-07 06:30:24 UTC 
rh#1626256

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory
corruption (crashed) of nasm when handling a crafted file due to function
assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function
assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in
aborting/crash nasm program. This attack appear to be exploitable via a
specially crafted asm file..

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1626256
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000667
https://github.com/cyrillos/nasm/issues/3
https://bugzilla.nasm.us/show_bug.cgi?id=3392507
Comment 1 Marcus Meissner 2018-09-07 06:34:46 UTC 
Created attachment 782304 [details]
id:000000,sig:11,src:000101,op:havoc,rep:16

QA REPRODUCER:

nasm -felf64 id:000000,sig:11,src:000101,op:havoc,rep:16

should not crash
Comment 2 Swamp Workflow Management 2020-07-06 16:15:35 UTC 
SUSE-SU-2020:1843-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    nasm-2.14.02-3.4.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    nasm-2.14.02-3.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 3 Swamp Workflow Management 2020-07-13 19:13:40 UTC 
openSUSE-SU-2020:0954-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
openSUSE Leap 15.2 (src):    nasm-2.14.02-lp152.4.3.1
Comment 4 Swamp Workflow Management 2020-07-13 19:16:29 UTC 
openSUSE-SU-2020:0952-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
openSUSE Leap 15.1 (src):    nasm-2.14.02-lp151.3.3.1
First Last Prev Next    This bug is not in your last search results.