Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-49554HistoryJan 03, 2024 - 12:15 a.m.
CVE-2023-49554
2024-01-0300:15:08
Debian Security Bug Tracker
security-tracker.debian.org
14
yasm
vulnerability
denial of service
remote attacker
do_directivefunction
nasm-pp.c
unix
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
29.4%
Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | yasm | <= 1.3.0-4 | yasm_1.3.0-4_all.deb |
| Debian | 11 | all | yasm | <= 1.3.0-2.1 | yasm_1.3.0-2.1_all.deb |
| Debian | 999 | all | yasm | <= 1.3.0-5 | yasm_1.3.0-5_all.deb |
| Debian | 13 | all | yasm | <= 1.3.0-5 | yasm_1.3.0-5_all.deb |
Related
ubuntucve
ubuntucve
CVE-2023-49554
2024-01-03 00:00:00
prion
prion
Design/Logic Flaw
2024-01-03 00:15:00
osv
osv
CVE-2023-49554
2024-01-03 00:15:08
nvd
nvd
CVE-2023-49554
2024-01-03 00:15:08
redhatcve
redhatcve
CVE-2023-49554
2024-01-24 20:56:14
cvelist
cvelist
CVE-2023-49554
2024-01-02 00:00:00
cve
cve
CVE-2023-49554
2024-01-03 00:15:08
redos
redos
ROS-20240409-09
2024-04-09 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
29.4%
Related for DEBIANCVE:CVE-2023-49554