Global Buffer Overflow Vulnerability in NASM v2.16 by NASM
CVE-2022-46456

6.1MEDIUM

Key Information:

Vendor: Nasm
Status: Netwide Assembler
Vendor: CVE Published:; 4 January 2023

What is CVE-2022-46456?

A global buffer overflow vulnerability has been identified in NASM version 2.16, specifically within the dbgdbg_typevalue component located in the output directory, file outdbg.c. This flaw could potentially allow attackers to execute arbitrary code by sending crafted input, leading to system compromise. It's crucial for users of NASM v2.16 to review their configurations and apply necessary patches to mitigate the risk associated with this vulnerability.

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392814

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 4, 2023
Vulnerability Reserved
Dec 5, 2022

CVE-2022-46456 Data

JSON

Nasm

What is CVE-2022-46456?

References

CVSS V3.1

Timeline