Vulnerability CVE-2018-1000667

Vulnerability Name:

CVE-2018-1000667 (CCN-150525)

Assigned:

2018-08-22

Published:

2018-08-22

Updated:

2020-07-13

Summary:

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-1000667

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0954

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0952

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://bugzilla.nasm.us/show_bug.cgi?id=3392507

Source: XF
Type: UNKNOWN
nasm-cve20181000667-dos(150525)

Source: CCN
Type: nasm GIT Repository
crash found by fuzzing #3

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/cyrillos/nasm/issues/3

Vulnerable Configuration:

Configuration 1:

cpe:/a:nasm:netwide_assembler:*:*:*:*:*:*:*:* (Version <= 2.14.0)

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc1:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc10:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc11:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc12:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc13:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc14:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc15:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc2:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc3:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc4:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc5:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc6:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc7:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc8:*:*:*:*:*:*

OR cpe:/a:nasm:netwide_assembler:2.14.0:rc9:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20181000667	V	CVE-2018-1000667	2022-09-02
oval:org.opensuse.security:def:3045	P	cups-pk-helper-0.2.5-5.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3090	P	groff-1.22.2-5.287 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3055	P	dovecot22-2.2.31-19.17.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3101	P	gzip-1.10-2.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94837	P	supportutils-3.1.20-150300.7.35.10.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:68544	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:101550	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:64618	P	Security update for postgresql13 (Important)	2021-11-22
oval:org.opensuse.security:def:70491	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:64778	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:73705	P	Security update for curl (Moderate)	2021-10-06
oval:org.opensuse.security:def:63192	P	apache2-2.4.33-3.15.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:65300	P	Security update for MozillaFirefox (Important)	2021-08-19
oval:org.opensuse.security:def:64740	P	Security update for rpm (Important)	2021-08-12
oval:org.opensuse.security:def:2374	P	binutils-gold-2.35.1-7.18.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2330	P	binutils-gold-2.32-7.8.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2388	P	icedtea-web-1.7.1-5.13 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2339	P	libexif12-32bit-0.6.21-5.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2415	P	openconnect-7.08-6.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2365	P	python2-opencv-3.3.1-6.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63466	P	djvulibre-3.5.27-9.28 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2400	P	libmwaw-0_3-3-0.3.17-4.9.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2368	P	sane-backends-32bit-1.0.27-4.27 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2377	P	djvulibre-3.5.27-9.28 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2334	P	graphviz-gnome-2.40.1-6.3.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2406	P	libstaroffice-0_0-0-0.0.7-7.3.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2361	P	python2-SQLAlchemy-1.2.14-6.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2394	P	libgd3-32bit-2.2.5-9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2372	P	vpx-tools-1.6.1-6.6.8 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2407	P	libsybdb5-1.1.36-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2401	P	libpcap1-32bit-1.9.1-1.33 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2405	P	libsnmp30-32bit-5.7.3-8.24 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2349	P	libsnmp30-32bit-5.7.3-8.24 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63370	P	rmt-server-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62995	P	bsh2-2.0.0.b6-10.65 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71884	P	libcacard0-2.5.3-1.27 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72000	P	login_defs-4.8.1-2.43 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:64739	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:64734	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:64720	P	Security update for apache2 (Important)	2021-06-22
oval:org.opensuse.security:def:64890	P	Security update for containerd, docker, runc (Important)	2021-06-11
oval:org.opensuse.security:def:48885	P	sane-backends-32bit-1.0.24-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48866	P	libpolkit0-32bit-0.113-5.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:2452	P	icedtea-web-1.7.1-1.48 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:2450	P	gnome-shell-calendar-3.26.2+20180130.0d9c74212-2.43 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48904	P	gegl-0_2-0.2.0-14.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48848	P	libFLAC++6-32bit-1.3.0-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:2443	P	dia-0.97.3-2.32 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48886	P	telepathy-gabble-0.18.3-5.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48847	P	lhasa-0.2.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:67135	P	Security update for gstreamer-plugins-bad (Important)	2021-06-08
oval:org.opensuse.security:def:2437	P	NetworkManager-lang-1.10.6-3.16 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:73826	P	Security update for python-py (Moderate)	2021-06-04
oval:org.opensuse.security:def:64511	P	Security update for python-httplib2 (Moderate)	2021-05-31
oval:org.opensuse.security:def:64510	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:70383	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:65210	P	Security update for librsvg (Important)	2021-04-28
oval:org.opensuse.security:def:51535	P	Security update for spamassassin (Important)	2021-04-12
oval:org.opensuse.security:def:67040	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:64598	P	Security update for java-11-openjdk (Important)	2021-02-09
oval:org.opensuse.security:def:51473	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:49030	P	libpolkit0-32bit-0.113-5.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63164	P	libshibsp-lite7-2.6.1-1.48 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62967	P	ncurses-devel-32bit-6.1-5.6.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63156	P	libapr-util1-dbd-mysql-1.6.1-2.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62963	P	libtidy-devel-5.4.0-3.2.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63173	P	openslp-server-2.0.0-4.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48992	P	gstreamer-0_10-plugins-bad-0.10.23-25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62970	P	osc-0.168.2-3.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63151	P	gnuplot-5.2.2-1.109 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:50124	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64034	P	Security update for djvulibre (Low)	2020-12-01
oval:org.opensuse.security:def:51490	P	Security update for nasm (Moderate)	2020-12-01
oval:org.opensuse.security:def:63669	P	Security update for libjpeg-turbo (Moderate)	2020-12-01
oval:org.opensuse.security:def:64374	P	libpulse-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49476	P	libyaml-cpp0_6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68647	P	Security update for nasm (Moderate)	2020-12-01
oval:org.opensuse.security:def:49339	P	syslog-service on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49959	P	libsaml-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49826	P	crash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:75082	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:64949	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:63879	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:74965	P	Security update for nasm (Moderate)	2020-12-01
oval:org.opensuse.security:def:50152	P	imobiledevice-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64045	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:65015	P	Security update for gettext-runtime (Moderate)	2020-12-01
oval:org.opensuse.security:def:49379	P	containerd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49983	P	subversion-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49195	P	libmp3lame0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49869	P	libpmi0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49592	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65137	P	Security update for helm-mirror (Moderate)	2020-12-01
oval:org.opensuse.security:def:50048	P	apache2-mod_jk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64847	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:75219	P	Security update for nasm (Moderate)	2020-12-01
oval:org.opensuse.security:def:63673	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:51428	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:50197	P	libopencv3_3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64265	P	glibc-locale-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50079	P	libvirglrenderer0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63816	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:50028	P	qemu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49234	P	libsnmp30 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49633	P	gnome-shell-search-provider-nautilus on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49435	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50093	P	qemu-audio-oss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49916	P	python-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74832	P	Security update for salt (Critical)	2020-12-01
oval:org.opensuse.security:def:110956	P	Security update for nasm (Moderate)	2020-07-13
oval:org.opensuse.security:def:110627	P	Security update for nasm (Moderate)	2020-07-13
oval:org.opensuse.security:def:104313	P	Security update for nasm (Moderate)	2020-07-06
oval:org.opensuse.security:def:97623	P	Security update for nasm (Moderate)	2020-07-06
oval:org.opensuse.security:def:108216	P	Security update for nasm (Moderate)	2020-07-06
oval:org.opensuse.security:def:90658	P	Security update for nasm (Moderate)	2020-07-06
oval:org.opensuse.security:def:117730	P	Security update for nasm (Moderate)	2020-07-06
oval:com.ubuntu.disco:def:201810006670000000	V	CVE-2018-1000667 on Ubuntu 19.04 (disco) - low.	2018-09-06
oval:com.ubuntu.bionic:def:20181000667000	V	CVE-2018-1000667 on Ubuntu 18.04 LTS (bionic) - low.	2018-09-06
oval:com.ubuntu.cosmic:def:201810006670000000	V	CVE-2018-1000667 on Ubuntu 18.10 (cosmic) - low.	2018-09-06
oval:com.ubuntu.cosmic:def:20181000667000	V	CVE-2018-1000667 on Ubuntu 18.10 (cosmic) - low.	2018-09-06
oval:com.ubuntu.bionic:def:201810006670000000	V	CVE-2018-1000667 on Ubuntu 18.04 LTS (bionic) - low.	2018-09-06
oval:com.ubuntu.trusty:def:20181000667000	V	CVE-2018-1000667 on Ubuntu 14.04 LTS (trusty) - low.	2018-09-06
oval:com.ubuntu.xenial:def:201810006670000000	V	CVE-2018-1000667 on Ubuntu 16.04 LTS (xenial) - low.	2018-09-06
oval:com.ubuntu.xenial:def:20181000667000	V	CVE-2018-1000667 on Ubuntu 16.04 LTS (xenial) - low.	2018-09-06

BACK