Vulnerability Description
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
CVSS Score
5.5
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nasm | Netwide Assembler | < 2.15.05 |
Related Weaknesses (CWE)
References
- https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.htmlProduct
- https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165fExploitThird Party Advisory
- https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/Product
- https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.htmlProduct
- https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165fExploitThird Party Advisory
- https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/Product
FAQ
What is CVE-2022-29654?
CVE-2022-29654 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
How severe is CVE-2022-29654?
CVE-2022-29654 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-29654?
Check the references section above for vendor advisories and patch information. Affected products include: Nasm Netwide Assembler.