yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2186333 | |
https://github.com/yasm/yasm/blob/master/SECURITY.md | |
https://github.com/yasm/yasm/issues/216 | Exploit Issue Tracking Third Party Advisory |
https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md | Exploit Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2186333 | |
https://github.com/yasm/yasm/blob/master/SECURITY.md | |
https://github.com/yasm/yasm/issues/216 | Exploit Issue Tracking Third Party Advisory |
https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 07:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2186333 - | |
References | () https://github.com/yasm/yasm/blob/master/SECURITY.md - | |
References | () https://github.com/yasm/yasm/issues/216 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md - Exploit, Third Party Advisory |
22 Mar 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | (en) yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs. |
21 Apr 2023, 15:10
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-12 16:15
Updated : 2024-11-21 07:57
NVD link : CVE-2023-29581
Mitre link : CVE-2023-29581
CVE.ORG link : CVE-2023-29581
JSON object : View
Products Affected
yasm_project
- yasm
CWE