CVE-2018-1000886

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-1000886
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000886.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1000886
Downstream
Published
2018-12-20T21:29:00.447Z
Modified
2026-04-10T04:03:37.667238Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file.

References

Affected packages

Git / github.com/netwide-assembler/nasm

Affected ranges

Type
GIT
Repo
https://github.com/netwide-assembler/nasm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bc7f5fd93c55ef9fdb5e6c0ef7403a383bee841e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a825b33423d5046dfc4c0992c3ebfea5b8a531c4
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.14.01rc5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.15"
        }
    ]
}

Affected versions

Other
before-reformat-2005-01
verified
fork-0.*
fork-0.98-j
fork-0.98-j5
fork-0.98bf
fork-0.98e
nasm-0.*
nasm-0.91
nasm-0.93
nasm-0.94
nasm-0.95
nasm-0.96
nasm-0.97
nasm-0.98
nasm-0.98.03
nasm-0.98.08
nasm-0.98.09
nasm-0.98.11
nasm-0.98.12
nasm-0.98.14
nasm-0.98.15
nasm-0.98.16
nasm-0.98.17
nasm-0.98.18
nasm-0.98.19
nasm-0.98.20
nasm-0.98.21
nasm-0.98.22
nasm-0.98.23
nasm-0.98.24
nasm-0.98.25
nasm-0.98.25alt
nasm-0.98.26
nasm-0.98.30
nasm-0.98.31
nasm-0.98.32
nasm-0.98.33
nasm-0.98.34
nasm-0.98.35
nasm-0.98.36
nasm-0.98.37
nasm-0.98.38
nasm-0.98.39
nasm-0.98p3
nasm-0.98p3-hpa
nasm-0.98p3.2
nasm-0.98p3.3
nasm-0.98p3.4
nasm-0.98p3.5
nasm-0.98p3.6
nasm-0.98p3.7
nasm-0.98p6
nasm-0.98p7
nasm-0.99.01
nasm-0.99.02
nasm-0.99.05
nasm-0.99.06
nasm-2.*
nasm-2.00
nasm-2.00rc1
nasm-2.00rc3
nasm-2.01
nasm-2.01rc1
nasm-2.01rc2
nasm-2.02
nasm-2.02rc1
nasm-2.02rc2
nasm-2.03rc1
nasm-2.03rc2
nasm-2.03rc3
nasm-2.03rc5
nasm-2.03rc6
nasm-2.03rc7
nasm-2.03rc8
nasm-2.04
nasm-2.04rc1
nasm-2.04rc2
nasm-2.04rc3
nasm-2.04rc4
nasm-2.04rc5
nasm-2.04rc6
nasm-2.05
nasm-2.05rc1
nasm-2.05rc2
nasm-2.05rc3
nasm-2.05rc4
nasm-2.05rc5
nasm-2.05rc6
nasm-2.05rc7
nasm-2.05rc8
nasm-2.06
nasm-2.06.01rc1
nasm-2.06rc1
nasm-2.06rc10
nasm-2.06rc11
nasm-2.06rc12
nasm-2.06rc13
nasm-2.06rc14
nasm-2.06rc15
nasm-2.06rc16
nasm-2.06rc2
nasm-2.06rc3
nasm-2.06rc4
nasm-2.06rc5
nasm-2.06rc6
nasm-2.06rc7
nasm-2.06rc8
nasm-2.06rc9
nasm-2.07
nasm-2.07rc1
nasm-2.07rc2
nasm-2.07rc3
nasm-2.07rc4
nasm-2.07rc5
nasm-2.07rc6
nasm-2.07rc7
nasm-2.08
nasm-2.08rc1
nasm-2.08rc10
nasm-2.08rc2
nasm-2.08rc3
nasm-2.08rc4
nasm-2.08rc5
nasm-2.08rc6
nasm-2.08rc7
nasm-2.08rc8
nasm-2.08rc9
nasm-2.09
nasm-2.09rc1
nasm-2.09rc2
nasm-2.09rc4
nasm-2.09rc5
nasm-2.09rc6
nasm-2.09rc7
nasm-2.10
nasm-2.10.01
nasm-2.10.02
nasm-2.10.03
nasm-2.10.04
nasm-2.10.05
nasm-2.10.06
nasm-2.10.07
nasm-2.10.08
nasm-2.10.09
nasm-2.10rc1
nasm-2.10rc10
nasm-2.10rc11
nasm-2.10rc12
nasm-2.10rc13
nasm-2.10rc14
nasm-2.10rc15
nasm-2.10rc2
nasm-2.10rc3
nasm-2.10rc4
nasm-2.10rc5
nasm-2.10rc6
nasm-2.10rc7
nasm-2.10rc8
nasm-2.10rc9
nasm-2.11
nasm-2.11.01
nasm-2.11.02
nasm-2.11.03
nasm-2.11.06
nasm-2.11.07
nasm-2.11.08
nasm-2.11.09rc1
nasm-2.11.09rc2
nasm-2.11rc1
nasm-2.11rc2
nasm-2.11rc3
nasm-2.11rc4
nasm-2.12rc1
nasm-2.12rc2
nasm-2.12rc3
nasm-2.13
nasm-2.13rc1
nasm-2.13rc10
nasm-2.13rc11
nasm-2.13rc12
nasm-2.13rc13
nasm-2.13rc14
nasm-2.13rc15
nasm-2.13rc16
nasm-2.13rc17
nasm-2.13rc18
nasm-2.13rc2
nasm-2.13rc21
nasm-2.13rc22
nasm-2.13rc23
nasm-2.13rc3
nasm-2.13rc4
nasm-2.13rc5
nasm-2.13rc6
nasm-2.13rc7
nasm-2.13rc8
nasm-2.13rc9
nasm-2.14
nasm-2.14.01rc1
nasm-2.14.01rc2
nasm-2.14.01rc3
nasm-2.14.01rc4
nasm-2.14.01rc5
nasm-2.14rc1
nasm-2.14rc10
nasm-2.14rc11
nasm-2.14rc12
nasm-2.14rc13
nasm-2.14rc14
nasm-2.14rc15
nasm-2.14rc16
nasm-2.14rc2
nasm-2.14rc3
nasm-2.14rc4
nasm-2.14rc5
nasm-2.14rc6
nasm-2.14rc7
nasm-2.14rc8
nasm-2.14rc9
nasm-2.15
nasm-2.15rc1
nasm-2.15rc10
nasm-2.15rc11
nasm-2.15rc12
nasm-2.15rc2
nasm-2.15rc3
nasm-2.15rc4
nasm-2.15rc5
nasm-2.15rc6
nasm-2.15rc7
nasm-2.15rc8
nasm-2.15rc9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000886.json"