← All advisories

High severity7.8NVD Advisory· Published Mar 20, 2018· Updated Jun 17, 2026

CVE-2018-8882

CVE-2018-8882

Description

Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.

Affected products

5

Nasm/NASMllm-fuzzy
Range: =2.13.02rc2
osv-coords4 versions
pkg:rpm/opensuse/nasm&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/nasm&distro=openSUSE%20Leap%2015.2 pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1 pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2
< 2.14.02-lp151.3.3.1+ 3 more
- (no CPE)range: < 2.14.02-lp151.3.3.1
- (no CPE)range: < 2.14.02-lp152.4.3.1
- (no CPE)range: < 2.14.02-3.4.1
- (no CPE)range: < 2.14.02-3.4.1

Patches

Vulnerability mechanics

References

3

bugzilla.nasm.us/show_bug.cginvdIssue TrackingVendor Advisory
lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.htmlnvd
lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.htmlnvd

News mentions

0

No linked articles in our index yet.