Wind River Support Network

HomeDefectsLIN9-7453

Fixed

LIN9-7453 : Security Advisory - nasm - CVE-2018-1000667

Created: Sep 16, 2018 Updated: Dec 3, 2018

Resolved Date: Oct 17, 2018

Found In Version: 9.0.0.17

Fix Version: 9.0.0.18

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

https://nvd.nist.gov/vuln/detail/CVE-2018-1000667

Other Downloads

Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-1000667