CVE-2018-20535
Published: 28 December 2018
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.
Priority
Low
CVSS 3 base score: 5.5
Status
| Package | Release | Status |
|---|---|---|
|
nasm Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Not vulnerable
(2.15.04-1)
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(2.15.04-1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Deferred
(2019-04-25)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Deferred
(2019-04-25)
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Ignored
(end of standard support, was deferred [2019-04-25])
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was deferred [2019-04-25])
|