Bug 1107594 (CVE-2018-16517) - VUL-1: CVE-2018-16517: nasm: asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference,which allows the attacker to cause a denial of service via a crafted file.
Summary: VUL-1: CVE-2018-16517: nasm: asm/labels.c in Netwide Assembler (NASM) is pron...
Status: RESOLVED FIXED
Alias: CVE-2018-16517
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Adam Majer
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/213894/
Whiteboard: CVSSv3:RedHat:CVE-2018-16517:2.5:(AV...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-09-07 06:36 UTC by Marcus Meissner
Modified: 2020-08-11 10:58 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
poc (14 bytes, text/plain)
2018-09-07 06:37 UTC, Marcus Meissner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-09-07 06:36:03 UTC 
CVE-2018-16517

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference,
which allows the attacker to cause a denial of service via a crafted file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16517
https://fakhrizulkifli.github.io/CVE-2018-16517.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392513
Comment 1 Marcus Meissner 2018-09-07 06:37:43 UTC 
Created attachment 782306 [details]
poc

QA REPRODUCER:

nasm poc

should not crash
Comment 2 Marcus Meissner 2018-09-07 06:38:50 UTC 
not crashing for me ... :/
Comment 3 Swamp Workflow Management 2020-07-06 16:15:42 UTC 
SUSE-SU-2020:1843-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    nasm-2.14.02-3.4.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    nasm-2.14.02-3.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 4 Swamp Workflow Management 2020-07-13 19:13:47 UTC 
openSUSE-SU-2020:0954-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
openSUSE Leap 15.2 (src):    nasm-2.14.02-lp152.4.3.1
Comment 5 Swamp Workflow Management 2020-07-13 19:16:35 UTC 
openSUSE-SU-2020:0952-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1084631,1086186,1086227,1086228,1090519,1090840,1106878,1107592,1107594,1108404,1115758,1115774,1115795,1173538
CVE References: CVE-2018-1000667,CVE-2018-10016,CVE-2018-10254,CVE-2018-10316,CVE-2018-16382,CVE-2018-16517,CVE-2018-16999,CVE-2018-19214,CVE-2018-19215,CVE-2018-19216,CVE-2018-8881,CVE-2018-8882,CVE-2018-8883
Sources used:
openSUSE Leap 15.1 (src):    nasm-2.14.02-lp151.3.3.1
Comment 6 Marcus Meissner 2020-08-11 10:58:32 UTC 
done