Description
A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Dabei geht es um die Funktion parse_smacro_template der Datei preproc.c. Durch Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung.
Problem types
Product status
Timeline
| 2025-08-10: | Advisory disclosed |
| 2025-08-10: | VulDB entry created |
| 2025-08-10: | VulDB entry last update |
Credits
xdcao (VulDB User)
References
vuldb.com/?id.319378 (VDB-319378 | NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference)
vuldb.com/?ctiid.319378 (VDB-319378 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/?submit.623187 (Submit #623187 | nasm NASM version 2.17rc0 compiled on Jul 20 2025 and the newest master (888d9ab) Memory Corruption)
vuldb.com/?submit.623196 (Submit #623196 | nasm NASM version 2.17rc0 compiled on Jul 20 2025 and the newest master (888d9ab) Memory Corruption (Duplicate))
vuldb.com/?submit.623198 (Submit #623198 | nasm NASM version 2.17rc0 compiled on Jul 20 2025 and the newest master (888d9ab) Memory Corruption (Duplicate))
bugzilla.nasm.us/show_bug.cgi?id=3392936
drive.google.com/...FIwfh_fia635cmtmFuei/view?usp=drive_link
