High severity7.8NVD Advisory· Published Apr 21, 2018· Updated Jun 17, 2026

CVE-2018-10254

Description

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Nasm/Netwide Assemblerllm-fuzzy
Range: 2.13
osv-coords4 versions
pkg:rpm/opensuse/nasm&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/nasm&distro=openSUSE%20Leap%2015.2 pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1 pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2
< 2.14.02-lp151.3.3.1+ 3 more
- (no CPE)range: < 2.14.02-lp151.3.3.1
- (no CPE)range: < 2.14.02-lp152.4.3.1
- (no CPE)range: < 2.14.02-3.4.1
- (no CPE)range: < 2.14.02-3.4.1

Patches

Vulnerability mechanics

References

sourceforge.net/p/nasm/bugs/561/nvdExploitThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.htmlnvd
lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000