CVE-2023-23109
Description
In crasm 1.8-3, invalid input validation when specific files are passed to the command-line application can lead to a divide-by-zero fault in the function opdiv.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A divide-by-zero vulnerability in crasm 1.8-3 allows denial of service via crafted assembly files.
Vulnerability
The vulnerability exists in the opdiv function in src/operator.c of crasm version 1.8-3 (and earlier commits). The function performs the division presult->value /= parg->value; without first checking whether parg->value is zero. When a crafted assembly file is processed, this leads to a floating-point exception (divide by zero). The issue is classified as CWE-369 (Divide By Zero) and CWE-233 (Improper Handling of Parameters). [1]
Exploitation
An attacker can trigger the vulnerability by providing a specially crafted assembly file to the crasm command-line tool. No authentication or special privileges are required; the attacker only needs to convince a user to process the malicious file. The crash occurs during the assembly process when the opdiv function is called with a zero divisor. [1]
Impact
Successful exploitation results in a denial of service (DoS) due to the program crashing with a floating-point exception. The impact is limited to availability; no data confidentiality or integrity is compromised. The CVSS base score is 1.7 (low severity). [1]
Mitigation
A fix has been merged into the source repository via pull request #7 [2], which adds a check for parg->value != 0 before performing the division. However, as of the publication date, the version available in Ubuntu (22.10 and 22.04) remains vulnerable. Users should update to a patched version or apply the patch manually. No workaround is available other than avoiding processing untrusted assembly files. [1][2]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
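The unchecked division described under Vulnerability, next to a guarded form of the kind described under Mitigation, as an added example that is not crasm's own code. The struct layout, function signatures and error-return convention are assumptions for illustration, and the INT_MIN / -1 guard goes beyond the check the page describes because that case is also undefined behaviour for signed integer division in C.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical stand-in for crasm's operand record; only the field
 * named on the page is modelled, and its int type is an assumption. */
struct result { int value; };

/* Pattern described in the advisory: no divisor check. A zero in
 * parg->value is undefined behaviour and typically raises SIGFPE. */
static void opdiv_unchecked(struct result *presult, const struct result *parg)
{
    presult->value /= parg->value;
}

/* Guarded form: refuse a zero divisor (the check the page describes)
 * and INT_MIN / -1 (added here). Returns 0 on success, -1 when the
 * operands are rejected; presult is left untouched on rejection. */
static int opdiv_checked(struct result *presult, const struct result *parg)
{
    if (parg->value == 0)
        return -1;
    if (presult->value == INT_MIN && parg->value == -1)
        return -1;
    presult->value /= parg->value;
    return 0;
}

/* Convenience wrapper: divide lhs by rhs, writing the quotient to *out. */
static int try_div(int lhs, int rhs, int *out)
{
    struct result a = { lhs }, b = { rhs };
    int rc = opdiv_checked(&a, &b);
    if (rc == 0)
        *out = a.value;
    return rc;
}

int main(void)
{
    /* Constructed operand pairs, including both faulting cases. */
    int cases[][2] = { {10, 2}, {7, 0}, {INT_MIN, -1}, {-9, 3} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int q = 0;
        if (try_div(cases[i][0], cases[i][1], &q) == 0)
            printf("%d / %d = %d\n", cases[i][0], cases[i][1], q);
        else
            printf("%d / %d rejected\n", cases[i][0], cases[i][1]);
    }
    struct result a = { 8 }, b = { 4 };  /* safe operands only */
    opdiv_unchecked(&a, &b);
    return a.value == 2 ? 0 : 1;
}
```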
Affected products
- crasm/crasm