Vulnerabilities > CVE-2023-31973 - Memory Leak vulnerability in Tortall Yasm 1.3.0

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
tortall
CWE-401

Summary

yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.

Vulnerable Configurations

Part Description Count
Application
Tortall
1