A heap buffer overflow vulnerability (CVE-2023-31722) in NASM could allow an attacker to cause a denial of service or execute arbitrary code via crafted input. Additionally, memory allocation issues (CVE-2021-33450, CVE-2021-33452) could lead to excessive resource consumption and a denial of service, specifically affecting Ubuntu 24.04 LTS. The article does not provide CVSS scores, specific affected version ranges, fixed versions, or workarounds for these vulnerabilities.
Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this issue to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31722) It was discovered that NASM incorrectly handled memory allocation. An attacker could possibly use this issue to cause NASM to use excessive resources, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2021-33452, CVE-2021-33450)