CVE-2025-8844 — LOW (3.3) — White Hats Nepal

Vulnerability Description

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Nasm	Netwide Assembler	2.17

Related Weaknesses (CWE)

CWE-404 CWE-476

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392936ExploitIssue TrackingVendor Advisory
https://drive.google.com/file/d/10TSdMErFTBtLFIwfh_fia635cmtmFuei/view?usp=driveExploit
https://vuldb.com/?ctiid.319378Permissions RequiredVDB Entry
https://vuldb.com/?id.319378Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.623187ExploitThird Party AdvisoryVDB Entry
https://vuldb.com/?submit.623196ExploitThird Party AdvisoryVDB Entry
https://vuldb.com/?submit.623198ExploitThird Party AdvisoryVDB Entry
https://bugzilla.nasm.us/show_bug.cgi?id=3392936ExploitIssue TrackingVendor Advisory
https://vuldb.com/?submit.623198ExploitThird Party AdvisoryVDB Entry

FAQ

What is CVE-2025-8844?

CVE-2025-8844 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference...

How severe is CVE-2025-8844?

CVE-2025-8844 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-8844?

Check the references section above for vendor advisories and patch information. Affected products include: Nasm Netwide Assembler.