Wind River Support Network

HomeDefectsLINCD-173
Fixed

LINCD-173 : Security Advisory - nasm - CVE-2019-14248

Created: Nov 13, 2019    Updated: Jan 15, 2020
Resolved Date: Dec 13, 2019
Found In Version: 10.20.3.0
Fix Version: 10.20.3.0
Severity: Standard
Applicable for: Wind River Linux CD
Component/s: Userspace

Description

In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.

CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-14248 User=admin}

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube