Bug 1121994 (CVE-2019-6291) - VUL-1: CVE-2019-6291: nasm: A stack overflow was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02
Summary: VUL-1: CVE-2019-6291: nasm: A stack overflow was discovered in the function e...
Status: RESOLVED INVALID
Alias: CVE-2019-6291
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Minor
Target Milestone: ---
Assignee: Adam Majer
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/222779/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-01-15 12:11 UTC by Alexandros Toptsoglou
Modified: 2019-01-15 12:14 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2019-01-15 12:11:18 UTC 
CVE-2019-6291

An issue was discovered in the function expr6 in eval.c in Netwide Assembler
(NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6
function making recursive calls to itself in certain scenarios involving lots of
'!' or '+' or '-' characters. Remote attackers could leverage this vulnerability
to cause a denial-of-service via a crafted asm file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6291
http://www.cvedetails.com/cve/CVE-2019-6291/
https://bugzilla.nasm.us/show_bug.cgi?id=3392549
Comment 1 Alexandros Toptsoglou 2019-01-15 12:14:10 UTC 
This bug does not affect our codestreams; nasm just throws an error when testing the reproducer against version 2.13 without exhausting much of a memory.