CVE-2017-17811

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.
References
Link Resource
https://bugzilla.nasm.us/show_bug.cgi?id=3392432 Exploit Issue Tracking Vendor Advisory
https://usn.ubuntu.com/3694-1/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:nasm:netwide_assembler:2.14:rc0:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

History

No history.

Information

Published : 2017-12-21 03:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-17811

Mitre link : CVE-2017-17811

CVE.ORG link : CVE-2017-17811


JSON object : View

Products Affected

nasm

  • netwide_assembler

canonical

  • ubuntu_linux
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer