Bug 1214499 (CVE-2023-38665) - VUL-0: CVE-2023-38665: nasm: Null pointer dereference in ieee_write_file
Summary: VUL-0: CVE-2023-38665: nasm: Null pointer dereference in ieee_write_file
Status: RESOLVED WONTFIX
Alias: CVE-2023-38665
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/376104/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-38665:3.3:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-08-23 07:08 UTC by Alexander Bergmann
Modified: 2024-04-19 08:57 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Reproducer (153 bytes, application/zip)
2023-08-23 07:23 UTC, Alexander Bergmann 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2023-08-23 07:08:03 UTC 
CVE-2023-38665

Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to
cause a denial of service (crash).

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38665
https://www.cve.org/CVERecord?id=CVE-2023-38665
https://bugzilla.nasm.us/show_bug.cgi?id=3392818
Comment 1 Alexander Bergmann 2023-08-23 07:23:48 UTC 
Created attachment 868959 [details]
Reproducer

# nasm -f ieee poc_nasm
poc_nasm:1: warning: label alone on a line without a colon might be in error [-w+label-orphan]
Segmentation fault (core dumped)
Comment 2 Alexander Bergmann 2023-08-23 07:25:27 UTC 
Note: Do not trust data from unknown sources. Do not assemble code from unknown sources without a sandbox environment that protects you from possible attacks.

In general: This is not a severe issue. It can only exploited if general security measurements and best practices are not followed.

For now, we will keep this bug open for reference. 

Current status:
- Segmentation fault can be reproduced.
- No upstream fix available.
Comment 6 Carlos López 2024-04-19 08:57:23 UTC 
Closing as WONTFIX, as discussed above.