Heap Buffer Overflow in NASM Version 2.16.02rc1 by NASM
CVE-2023-31722

7.8HIGH

Key Information:

Vendor: Nasm
Status: Netwide Assembler
Vendor: CVE Published:; 17 May 2023

What is CVE-2023-31722?

A heap buffer overflow has been identified in NASM version 2.16.02rc1, which could potentially allow an attacker to manipulate memory allocations, leading to unpredictable behavior or exploitation. This vulnerability emphasizes the importance of regular software updates and thorough code review processes to mitigate such risks.

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392857#c1

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2023
Vulnerability Reserved
Apr 29, 2023

CVE-2023-31722 Data

JSON

Nasm

What is CVE-2023-31722?

References

CVSS V3.1

Timeline