Your submission was sent successfully! Close

CVE-2019-20352

Published: 6 January 2020

In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.

Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
nasm
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Not vulnerable
(2.15.04-1)
hirsute Not vulnerable
(2.15.04-1)
impish Not vulnerable
(2.15.04-1)
jammy Not vulnerable
(2.15.04-1)
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)