Your submission was sent successfully! Close

CVE-2018-20535

Published: 28 December 2018

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.

Notes

AuthorNote
mdeslaur
no fix as of 2019-04-25
Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
nasm
Launchpad, Ubuntu, Debian
bionic Deferred
(2019-04-25)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Deferred
(2019-04-25)
groovy Not vulnerable
(2.15.04-1)
hirsute Not vulnerable
(2.15.04-1)
impish Not vulnerable
(2.15.04-1)
jammy Not vulnerable
(2.15.04-1)
precise Does not exist

trusty Does not exist
(trusty was deferred [2019-04-25])
upstream Needs triage

xenial Ignored
(end of standard support, was deferred [2019-04-25])