Memory Leak Vulnerability in NASM by NASM Project
CVE-2021-33450

5.5MEDIUM

Key Information:

Vendor: Nasm
Status: Netwide Assembler
Vendor: CVE Published:; 26 July 2022

What is CVE-2021-33450?

NASM version 2.16rc0 has been found to contain a memory leak in the nasm_calloc() function within the nasmlib/alloc.c file. This vulnerability can lead to excessive memory usage over time, potentially causing performance degradation and resource exhaustion. Users and developers utilizing this version of NASM are encouraged to monitor their systems and consider upgrading to mitigate these risks. For further details, visit the links to the Bugzilla report and the GitHub gist.

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392758

x_refsource_MISC

https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f7...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2022
Vulnerability Reserved
May 20, 2021

CVE-2021-33450 Data

JSON

Nasm

What is CVE-2021-33450?

References

CVSS V3.1

Timeline