Bug 522586 (CVE-2008-7177)

Summary: CVE-2008-7177 nasm: listing module buffer overflow
Product: [Other] Security Response
Reporter: Tomas Hoger <thoger>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: low
Priority: low
Version: unspecified
CC: rth, zprikryl
Keywords: Security
Hardware: All
OS: Linux
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7177
Doc Type: Bug Fix
Last Closed: 2009-09-10 18:40:57 UTC
Bug Depends On: 452800

Description Tomas Hoger 2009-09-10 18:34:07 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-7177 to the following vulnerability:

Buffer overflow in the listing module in Netwide Assembler (NASM)
before 2.03.01 has unknown impact and attack vectors, a different
vulnerability than CVE-2008-2719.

References:
http://sourceforge.net/project/shownotes.php?release_id=607497
https://bugzilla.redhat.com/show_bug.cgi?id=452800
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01000.html
http://www.securityfocus.com/bid/29955
http://www.securitytracker.com/id?1020378
http://secunia.com/advisories/30836
http://www.vupen.com/english/advisories/2008/1939

Comment 1 Tomas Hoger 2009-09-10 18:40:57 UTC
Doing a bit more searching around this...

This is the full diff between 2.03 and 2.03.1:
http://repo.or.cz/w/nasm.git?a=treediff;hp=a122578dcd9f3461c43dd9f9b81b64d832208866;hb=07c1468307f3b6fe16c7984447cc6512d1677140;hpb=c751e86145aec99b2212321903146723e75af22a

The relevant part of it is:
http://repo.or.cz/w/nasm.git?a=commitdiff;h=7174c5812e3d9f8d32dabdd612487231403e20df

Which, via its commit message, leads to this SF.net bug report with further details:
http://sourceforge.net/tracker/?func=detail&atid=106208&aid=1991797&group_id=6208

The code in question was introduced upstream via the following commit in Nov 2007:
http://repo.or.cz/w/nasm.git?a=commitdiff;h=34f6fb0a65b247442afcb2148c8c80112ab4cd59

The code is not present in nasm versions shipped in Red Hat Enterprise Linux 3, 4 and 5, hence those versions are not affected by this flaw.

All current Fedora versions are already updated to use nasm version 2.03.1 or later.