Bug 1142604 - (CVE-2019-14248) VUL-1: CVE-2019-14248: nasm: NULL pointer dereference in asm/pragma.c leading to Segmentation fault
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Component: Security
Version: Current
Hardware: Other Other
Priority: P3 - Medium
Severity: Minor
Assigned To: Michael Vetter
QA Contact: E-mail List
URL: https://smash.suse.de/issue/237916/
Reported: 2019-07-24 09:09 UTC by Wolfgang Frisch
Modified: 2020-11-06 12:11 UTC (History)
Found By: Security Response Team
Attachments
PoC (14 bytes, text/plain)
2019-07-24 09:12 UTC, Wolfgang Frisch
Description Wolfgang Frisch 2019-07-24 09:09:08 UTC
CVE-2019-14248

In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.

Upstream Issue:

https://bugzilla.nasm.us/show_bug.cgi?id=3392576

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1732714
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14248
https://bugzilla.nasm.us/show_bug.cgi?id=3392576
Comment 1 Wolfgang Frisch 2019-07-24 09:12:20 UTC
Created attachment 811411
PoC

nasm -felf64 nullderef_nasm-2.14.02_pragma_limit.asm
Comment 5 Michael Vetter 2020-11-06 12:11:41 UTC
Tumbleweed is at 2.15.05 now and not affected anymore

$ nasm -felf64 nullderef_nasm-2.14.02_pragma_limit
$ ls
  nullderef_nasm-2.14.02_pragma_limit  nullderef_nasm-2.14.o