Null Pointer Dereference in Nasm Affected by Vulnerability in Preprocessor Code
CVE-2021-45256

5.5MEDIUM

Key Information:

Vendor: Nasm
Status: Netwide Assembler
Vendor: CVE Published:; 22 December 2021

What is CVE-2021-45256?

A Null Pointer Dereference vulnerability has been identified in Nasm 2.16rc0, stemming from an issue in the preprocessor code (asm/preproc.c). This flaw may allow attackers to cause unexpected behavior in the application, potentially leading to application crashes or denial of service conditions. It is crucial for users of this version to assess their risk and apply available mitigations to enhance their security posture.

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392789

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 22, 2021
Vulnerability Reserved
Dec 20, 2021

CVE-2021-45256 Data

JSON