Vulnerability CVE-2023-37732: Information

Description

Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Published: July 27, 2023
Modified: Aug. 2, 2023
Error type identifier: CWE-476

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
yasmsisyphus1.3.0-alt31.3.0-alt3ALT-PU-2024-9768-1352465Fixed
yasmsisyphus_riscv641.3.0-alt31.3.0-alt3ALT-PU-2024-9790-1-Fixed
yasmsisyphus_loongarch641.3.0-alt31.3.0-alt3ALT-PU-2024-9796-1-Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:yasm_project:yasm:1.3.0.78.g4dc8:*:*:*:*:*:*:*