Home > Vulnerability Database > CVE-2023-29581

Mend.io Vulnerability Database

CVE-2023-29581

Date: April 12, 2023

yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs.

Language: C

Severity Score

5.5

Related Resources (7)

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2186333

Url: https://github.com/yasm/yasm/issues/216

Url: https://github.com/z1r00/fuzz_vuln/blob/main/yasm/segv/delete_Token/readme.md

Url: https://security-tracker.debian.org/tracker/CVE-2023-29581

Url: https://github.com/yasm/yasm/blob/master/SECURITY.md

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-29581

Url: https://www.mend.io/vulnerability-database/CVE-2023-29581

Severity Score

5.5

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-29581

Date: April 12, 2023

Language: C

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?