https://bugzilla.redhat.com/show_bug.cgi?id=1824469
Bug ID: 1824469 Summary: CVE-2019-20334 nasm: stack consumption occurs in expr# functions in asm/eval.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: darunesh@redhat.com CC: dominik@greysector.net, i.gnatenko.brain@gmail.com, java-sig-commits@lists.fedoraproject.org, mizdebsk@redhat.com, nickc@redhat.com, pbonzini@redhat.com Target Milestone: --- Classification: Other
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.
https://bugzilla.nasm.us/show_bug.cgi?id=3392548#c4 https://bugzilla.nasm.us/show_bug.cgi?id=3392638
https://bugzilla.redhat.com/show_bug.cgi?id=1824469
Dhananjay Arunesh darunesh@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1824470
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1824470 [Bug 1824470] CVE-2019-20334 nasm: stack consumption occurs in expr# functions in asm/eval.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1824469
--- Comment #1 from Dhananjay Arunesh darunesh@redhat.com --- Created nasm tracking bugs for this issue:
Affects: fedora-all [bug 1824470]
https://bugzilla.redhat.com/show_bug.cgi?id=1824469
Dhananjay Arunesh darunesh@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1824471
https://bugzilla.redhat.com/show_bug.cgi?id=1824469
Stefan Cornelius scorneli@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Priority|medium |low Severity|medium |low
--- Comment #2 from Stefan Cornelius scorneli@redhat.com --- This only works for me when arbitrarily limiting the stack space via ulimit. This has a CVE and technically we're affected, but overall the impact is so low that it hardly seems relevant.
https://bugzilla.redhat.com/show_bug.cgi?id=1824469
Stefan Cornelius scorneli@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1824814, 1824813
https://bugzilla.redhat.com/show_bug.cgi?id=1824469 Bug 1824469 depends on bug 1824470, which changed state.
Bug 1824470 Summary: CVE-2019-20334 nasm: stack consumption occurs in expr# functions in asm/eval.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1824470
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
java-sig-commits@lists.stg.fedoraproject.org