In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. Reference: https://bugzilla.nasm.us/show_bug.cgi?id=3392707 Upstream patch: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
Created nasm tracking bugs for this issue: Affects: fedora-all [bug 1872804]
Statement: nasm as shipped with Red Hat Enterprise Linux 7 and 8 are not affected by this flaw because the vulnerable code was introduced in a newer version of nasm.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-24241