VYPR

rpm package

suse/nasm&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (1)

  • CVE-2017-10686HigJun 29, 2017
    affected < 2.03.90-2.3.1fixed 2.03.90-2.3.1

    In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that cou