Wind River Support Network

HomeDefectsLIN9-6100

Fixed

LIN9-6100 : Security Advisory - nasm - CVE-2017-17819

Created: Dec 28, 2017 Updated: Apr 2, 2020

Resolved Date: Jan 8, 2018

Found In Version: 9.0.0.13

Fix Version: 9.0.0.14

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.

https://nvd.nist.gov/vuln/detail/CVE-2017-17819

Other Downloads

Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-17819