NASM is an 80x86 assembler.
Two stack based buffer overflow bugs have been found in nasm. An attacker
could create an ASM file in such a way that when compiled by a victim,
could execute arbitrary code on their machine. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names CAN-2004-1287
and CAN-2005-1194 to these issues.
All users of nasm are advised to upgrade to this updated package, which
contains backported fixes for these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.s390x.rpm |
RedHat | any | ia64 | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.ia64.rpm |
RedHat | any | x86_64 | nasm | < 0.98.35-3.EL3 | nasm-0.98.35-3.EL3.x86_64.rpm |
RedHat | any | i386 | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.i386.rpm |
RedHat | any | ppc | nasm | < 0.98.35-3.EL3 | nasm-0.98.35-3.EL3.ppc.rpm |
RedHat | any | s390 | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.s390.rpm |
RedHat | any | i386 | nasm-doc | < 0.98-8.EL21 | nasm-doc-0.98-8.EL21.i386.rpm |
RedHat | any | ppc | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.ppc.rpm |
RedHat | any | ppc | nasm-doc | < 0.98.38-3.EL4 | nasm-doc-0.98.38-3.EL4.ppc.rpm |
RedHat | any | i386 | nasm-rdoff | < 0.98-8.EL21 | nasm-rdoff-0.98-8.EL21.i386.rpm |