Bug 1998315 (CVE-2020-18974)

Summary: CVE-2020-18974 nasm: buffer overflow in crc64i() nasmlib/crc64.c
Product: [Other] Security Response
Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: low
Priority: low
Version: unspecified
CC: dominik, igor.raits, java-sig-commits, mbenatto, mizdebsk, nickc, pbonzini, sipoyare
Keywords: Security
Hardware: All
OS: Linux
Last Closed: 2021-11-19 14:38:32 UTC
Bug Depends On: 1998317, 2003200, 2003201
Bug Blocks: 1998318

Description Guilherme de Almeida Suckevicz 2021-08-26 19:46:47 UTC
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.

Reference:
https://bugzilla.nasm.us/show_bug.cgi?id=3392568

Comment 1 Guilherme de Almeida Suckevicz 2021-08-26 19:47:03 UTC
Created nasm tracking bugs for this issue:

Affects: fedora-all [bug 1998317]

Comment 6 Marco Benatto 2021-09-13 15:52:41 UTC
There's an issue with nasm where a crafted input file may lead to an out-of-bounds read during crc64 calculation. The OOB read may further trigger a crash on nasm. The impact of this issue is pretty low as user interaction is required by making the user open the crafted file and it'll affect only the single run of the single application instance started by the user.