Null Pointer Dereference in NASM 2.16 by Vendor NASM
CVE-2022-44369

5.5MEDIUM

Key Information:

Vendor: Nasm
Status: Netwide Assembler
Vendor: CVE Published:; 29 March 2023

What is CVE-2022-44369?

The NASM (Netwide Assembler) version 2.16, in its development phase, is susceptible to a null pointer dereference due to an issue in the output/outaout.c file. This vulnerability could potentially lead to unexpected behaviors in the software, impacting reliability and security for users. It is crucial for developers working with NASM to be aware of this vulnerability and implement necessary mitigations to ensure the integrity of their applications.

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392819

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2023
Vulnerability Reserved
Oct 30, 2022

CVE-2022-44369 Data

JSON

Nasm

What is CVE-2022-44369?

References

CVSS V3.1

Timeline