[CVE-2008-2719] nasm vulnerability (DoS and possible arbitrary code execution)
Bug #241421 reported by
Till Ulen
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| nasm (Debian) |
Fix Released
|
Unknown
|
|||
| nasm (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Dapper |
Invalid
|
Undecided
|
Unassigned | ||
| Feisty |
Invalid
|
Undecided
|
Unassigned | ||
| Gutsy |
Invalid
|
Undecided
|
Unassigned | ||
| Hardy |
Fix Released
|
Low
|
Kees Cook | ||
| Intrepid |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: nasm
CVE-2008-2719 description:
"Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow."
Related branches
CVE References
| Changed in nasm: | |
| status: | Unknown → Fix Released |
Revision history for this message
| Till Ulen (tillulen) wrote | #1 |
Revision history for this message
| Marc Deslauriers (mdeslaur) wrote | #2 |
| Changed in nasm: | |
| status: | New → In Progress |
| Changed in nasm: | |
| status: | New → In Progress |
| status: | In Progress → Fix Released |
Revision history for this message
| Marc Deslauriers (mdeslaur) wrote | #3 |
| Changed in nasm: | |
| status: | New → Invalid |
| status: | New → Invalid |
| status: | New → Invalid |
| Changed in nasm: | |
| status: | In Progress → Fix Committed |
Revision history for this message
| Kees Cook (kees) wrote | #4 |
| Changed in nasm: | |
| assignee: | nobody → kees |
| importance: | Undecided → Low |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
CVE-2008-2719