https://bugzilla.redhat.com/show_bug.cgi?id=1493189
Bug ID: 1493189 Summary: CVE-2017-14228 nasm: NULL pointer dereference in the paste_tokens function Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team@redhat.com Reporter: anemec@redhat.com CC: java-sig-commits@lists.fedoraproject.org, mizdebsk@redhat.com, msimacek@redhat.com
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to a denial of service.
Upstream issue:
https://bugzilla.nasm.us/show_bug.cgi?id=3392423
https://bugzilla.redhat.com/show_bug.cgi?id=1493189
Andrej Nemec anemec@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1493190
--- Comment #1 from Andrej Nemec anemec@redhat.com --- Created nasm tracking bugs for this issue:
Affects: fedora-all [bug 1493190]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1493190 [Bug 1493190] CVE-2017-14228 nasm: NULL pointer dereference in the paste_tokens function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1493189 Bug 1493189 depends on bug 1493190, which changed state.
Bug 1493190 Summary: CVE-2017-14228 nasm: NULL pointer dereference in the paste_tokens function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1493190
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |CURRENTRELEASE
java-sig-commits@lists.fedoraproject.org