https://bugzilla.redhat.com/show_bug.cgi?id=1652033
Bug ID: 1652033 Summary: CVE-2018-19214 nasm: heap-based buffer over-read in expand_mmac_params in asm/preproc.c Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team@redhat.com Reporter: lpardo@redhat.com CC: dominik@greysector.net, java-sig-commits@lists.fedoraproject.org, mizdebsk@redhat.com, nickc@redhat.com
A flaw was found in Netwide Assembler (NASM) 2.14rc15. A heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
References: https://bugzilla.nasm.us/show_bug.cgi?id=3392521
Upstream Patch: https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354