A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512. https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md
Created yasm tracking bugs for this issue: Affects: epel-all [bug 2259118] Affects: fedora-all [bug 2259119]
Note - per yasm's own security.md document only bugs that cause corrupt output are considered to be security issues. Since this bug is just a memory leak - and not a very big one at that, just 49 bytes - this issue should not be a CVE, and definitely should not have a medium priority.
Red Hat Product Security does not consider this to be a vulnerability.