Common Vulnerabilities and Exposures assigned an identifier CVE-2008-7177 to the following vulnerability:
Buffer overflow in the listing module in Netwide Assembler (NASM)
before 2.03.01 has unknown impact and attack vectors, a different
vulnerability than CVE-2008-2719.
Doing a bit more search around this...
This is full diff between 2.03 and 2.03.1:
Relevant part of it is:
Which, via commit message, leads to this SF.net bug report with further details:
The code in question was introduced upstream via following commit in Nov 2007:
The code is not present in nasm versions shipped in Red Hat Enterprise Linux 3, 4 and 5, hence those versions are not affected by this flaw.
All current Fedora versions are already updated to use nasm version 2.03.1 or later.