Vulnerabilities > CVE-2023-37732 - NULL Pointer Dereference vulnerability in Yasm Project Yasm 1.3.0.78.G4Dc8

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

yasm-project

CWE-476

NVD

Published: 2023-07-26

Updated: 2023-08-02

Summary

Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

Vulnerable Configurations

Part	Description	Count
Application	Yasm_Project Yasm Project Yasm 1.3.0.78.G4Dc8	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://gist.github.com/ChanStormstout/02eea9cf5c002b42b2ff3de5ca939520
https://github.com/yasm/yasm/issues/233