CVE-2017-10686
- Source
- https://cve.org/CVERecord?id=CVE-2017-10686
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10686.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-10686
- Downstream
- Related
- Published
- 2017-06-29T23:29:00.287Z
- Modified
- 2026-04-16T06:16:02.850700925Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by ppgetline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in deleteToken(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack.
- References
Affected packages
Git / github.com/netwide-assembler/nasm
Affected versions
Other
before-reformat-2005-01
verified
fork-0.*
fork-0.98-j
fork-0.98-j5
fork-0.98bf
fork-0.98e
nasm-0.*
nasm-0.91
nasm-0.93
nasm-0.94
nasm-0.95
nasm-0.96
nasm-0.97
nasm-0.98
nasm-0.98.03
nasm-0.98.08
nasm-0.98.09
nasm-0.98.11
nasm-0.98.12
nasm-0.98.14
nasm-0.98.15
nasm-0.98.16
nasm-0.98.17
nasm-0.98.18
nasm-0.98.19
nasm-0.98.20
nasm-0.98.21
nasm-0.98.22
nasm-0.98.23
nasm-0.98.24
nasm-0.98.25
nasm-0.98.25alt
nasm-0.98.26
nasm-0.98.30
nasm-0.98.31
nasm-0.98.32
nasm-0.98.33
nasm-0.98.34
nasm-0.98.35
nasm-0.98.36
nasm-0.98.37
nasm-0.98.38
nasm-0.98.39
nasm-0.98p3
nasm-0.98p3-hpa
nasm-0.98p3.2
nasm-0.98p3.3
nasm-0.98p3.4
nasm-0.98p3.5
nasm-0.98p3.6
nasm-0.98p3.7
nasm-0.98p6
nasm-0.98p7
nasm-0.99.01
nasm-0.99.02
nasm-0.99.05
nasm-0.99.06
nasm-2.*
nasm-2.00
nasm-2.00rc1
nasm-2.00rc3
nasm-2.01
nasm-2.01rc1
nasm-2.01rc2
nasm-2.02
nasm-2.02rc1
nasm-2.02rc2
nasm-2.03rc1
nasm-2.03rc2
nasm-2.03rc3
nasm-2.03rc5
nasm-2.03rc6
nasm-2.03rc7
nasm-2.03rc8
nasm-2.04
nasm-2.04rc1
nasm-2.04rc2
nasm-2.04rc3
nasm-2.04rc4
nasm-2.04rc5
nasm-2.04rc6
nasm-2.05
nasm-2.05rc1
nasm-2.05rc2
nasm-2.05rc3
nasm-2.05rc4
nasm-2.05rc5
nasm-2.05rc6
nasm-2.05rc7
nasm-2.05rc8
nasm-2.06
nasm-2.06.01rc1
nasm-2.06rc1
nasm-2.06rc10
nasm-2.06rc11
nasm-2.06rc12
nasm-2.06rc13
nasm-2.06rc14
nasm-2.06rc15
nasm-2.06rc16
nasm-2.06rc2
nasm-2.06rc3
nasm-2.06rc4
nasm-2.06rc5
nasm-2.06rc6
nasm-2.06rc7
nasm-2.06rc8
nasm-2.06rc9
nasm-2.07
nasm-2.07rc1
nasm-2.07rc2
nasm-2.07rc3
nasm-2.07rc4
nasm-2.07rc5
nasm-2.07rc6
nasm-2.07rc7
nasm-2.08
nasm-2.08rc1
nasm-2.08rc10
nasm-2.08rc2
nasm-2.08rc3
nasm-2.08rc4
nasm-2.08rc5
nasm-2.08rc6
nasm-2.08rc7
nasm-2.08rc8
nasm-2.08rc9
nasm-2.09
nasm-2.09rc1
nasm-2.09rc2
nasm-2.09rc4
nasm-2.09rc5
nasm-2.09rc6
nasm-2.09rc7
nasm-2.10
nasm-2.10.01
nasm-2.10.02
nasm-2.10.03
nasm-2.10.04
nasm-2.10.05
nasm-2.10.06
nasm-2.10.07
nasm-2.10.08
nasm-2.10.09
nasm-2.10rc1
nasm-2.10rc10
nasm-2.10rc11
nasm-2.10rc12
nasm-2.10rc13
nasm-2.10rc14
nasm-2.10rc15
nasm-2.10rc2
nasm-2.10rc3
nasm-2.10rc4
nasm-2.10rc5
nasm-2.10rc6
nasm-2.10rc7
nasm-2.10rc8
nasm-2.10rc9
nasm-2.11
nasm-2.11.01
nasm-2.11.02
nasm-2.11.03
nasm-2.11.06
nasm-2.11.07
nasm-2.11.08
nasm-2.11.09rc1
nasm-2.11.09rc2
nasm-2.11rc1
nasm-2.11rc2
nasm-2.11rc3
nasm-2.11rc4
nasm-2.12rc1
nasm-2.12rc2
nasm-2.12rc3
nasm-2.13
nasm-2.13rc1
nasm-2.13rc10
nasm-2.13rc11
nasm-2.13rc12
nasm-2.13rc13
nasm-2.13rc14
nasm-2.13rc15
nasm-2.13rc16
nasm-2.13rc17
nasm-2.13rc18
nasm-2.13rc2
nasm-2.13rc21
nasm-2.13rc22
nasm-2.13rc23
nasm-2.13rc3
nasm-2.13rc4
nasm-2.13rc5
nasm-2.13rc6
nasm-2.13rc7
nasm-2.13rc8
nasm-2.13rc9
nasm-2.14rc0