CVE-2019-20334

Published: Jan 4, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.

Affected (1)

Products: Nasm: Netwide Assembler

1 product

Netwide Assembler

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nasm Netwide Assembler	Version 2.14.02

Related CWEs

Uncontrolled Recursion

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

References (4)

https://bugzilla.nasm.us/show_bug.cgi?id=3392548#c4

Source: cve@mitre.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.nasm.us/show_bug.cgi?id=3392638

Source: cve@mitre.org

ExploitIssue TrackingVendor Advisory

https://bugzilla.nasm.us/show_bug.cgi?id=3392548#c4

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

https://bugzilla.nasm.us/show_bug.cgi?id=3392638

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.