CVE-2021-34123
Description
An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack-buffer-overflow in ATasm 1.09's aprintf() allows arbitrary code execution via crafted file.
Vulnerability
ATasm version 1.09 contains a stack-buffer-overflow vulnerability in the aprintf() function within asm.c. The flaw occurs when strcat(line, buf) is used without proper bounds checking, allowing an attacker to overflow the stack buffer. This is triggered when processing a specially crafted file [1].
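An added example (not ATasm's code) of a bounded replacement for the unchecked `strcat(line, buf)` pattern described above. The helper names, the 16-byte buffer and the sample strings are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Unsafe pattern named in the advisory: strcat(line, buf) copies all of buf
 * no matter how much room is left in line. Helpers below are hypothetical. */

/* Bytes used in dst before its NUL, or cap if no NUL is found within cap. */
static size_t used_len(const char *dst, size_t cap)
{
    const char *nul = memchr(dst, '\0', cap);
    return nul ? (size_t)(nul - dst) : cap;
}

/* Append src to dst without writing past dst[cap-1].
 * Returns 0 on success, -1 (dst unchanged) if src does not fit. */
static int bounded_append(char *dst, size_t cap, const char *src)
{
    size_t used = used_len(dst, cap), need = strlen(src);
    if (used == cap || need >= cap - used)
        return -1;
    memcpy(dst + used, src, need + 1);   /* +1 copies the terminator */
    return 0;
}

/* printf-style variant: format directly into the free tail of line. */
static int bounded_appendf(char *line, size_t cap, const char *fmt, ...)
{
    size_t used = used_len(line, cap);
    va_list ap;
    int n;
    if (used == cap)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(line + used, cap - used, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap - used) {
        line[used] = '\0';               /* roll back the truncated write */
        return -1;
    }
    return 0;
}

int main(void)
{
    char line[16] = "LDA ";              /* constructed sample input */
    int ok = bounded_append(line, sizeof line, "#$10");
    int rejected = bounded_appendf(line, sizeof line, " ; %s", "an over-long comment");
    printf("%d %d \"%s\"\n", ok, rejected, line);
}
```

Callers must treat a -1 return as an error (for example, report the over-long line and stop) rather than continue with a silently shortened string.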
Exploitation
An attacker can exploit this vulnerability by providing a maliciously crafted file to ATasm. No special network position or authentication is required; the user simply needs to open the file with the vulnerable version. The overflow occurs during the parsing of the file within the aprintf() function, leading to control of the execution flow.
Impact
Successful exploitation allows an attacker to execute arbitrary code on the system with the privileges of the user running ATasm. This results in complete compromise of confidentiality, integrity, and availability.
Mitigation
As of July 2023, no official patch has been released for this issue. The bug report remains open [1]. Users should avoid processing untrusted files with ATasm 1.09 until a fix is available.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- atasm/atasm
Patches
No patches discovered yet.
References