CVE-2017-17815

Priority
Description
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in
is_mmacro() in asm/preproc.c that will cause a remote denial of service
attack, because of a missing check for the relationship between minimum and
maximum parameter counts.
Assigned-to
mdeslaur
Notes
Package
Source: nasm (LP Ubuntu Debian)
Upstream:released (2.13.02)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [2.10.09-1ubuntu0.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (2.11.08-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2.13.02-0.1)
Patches:
Upstream:http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
More Information

Updated: 2019-12-05 18:48:37 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)