VYPR

rpm package

suse/nasm&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Vulnerabilities (2)

  • CVE-2017-11111HigJul 8, 2017
    affected < 2.10.09-4.5.1fixed 2.10.09-4.5.1

    In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2017-10686HigJun 29, 2017
    affected < 2.10.09-4.5.1fixed 2.10.09-4.5.1

    In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that cou