Description
An issue was discovered in yasm version 1.3.0. There is a use-after-free in pp_getline() in modules/preprocs/nasm/nasm-pp.c.
References
https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d
Third Party Advisory
https://github.com/yasm/yasm/issues/163
ExploitIssue TrackingThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2022-07-26T13:15:09.860
2 years agoLast modified
2022-07-28T15:23:13.370
2 years ago