Description
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack.
References (2)
Core 2
Core References
Patch, Third Party Advisory x_refsource_misc
https://repo.or.cz/nasm.git/commitdiff/e996d28c70d45008085322b442b44a9224308548
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.suse.com/show_bug.cgi?id=1115797
Scores
CVSS v3
5.5
EPSS
0.0077
EPSS Percentile
51.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (1)
nasm/netwide_assembler
2.14.0 rc15
Published
Nov 12, 2018
Tracked Since
Feb 18, 2026