Bug 1824469 (CVE-2019-20334) - CVE-2019-20334 nasm: stack consumption occurs in expr# functions in asm/eval.c
Summary: CVE-2019-20334 nasm: stack consumption occurs in expr# functions in asm/eval.c
Keywords:
Status: NEW
Alias: CVE-2019-20334
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 1824470 1824813 1824814
Blocks: 1824471
Reported: 2020-04-16 09:40 UTC by Dhananjay Arunesh
Modified: 2023-07-07 08:32 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Dhananjay Arunesh 2020-04-16 09:40:25 UTC
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.

https://bugzilla.nasm.us/show_bug.cgi?id=3392548#c4
https://bugzilla.nasm.us/show_bug.cgi?id=3392638

Comment 1 Dhananjay Arunesh 2020-04-16 09:40:50 UTC
Created nasm tracking bugs for this issue:

Affects: fedora-all [bug 1824470]

Comment 2 Stefan Cornelius 2020-04-16 13:50:39 UTC
This only works for me when arbitrarily limiting the stack space via ulimit. This has a CVE and technically we're affected, but overall the impact is so low that it hardly seems relevant.

