Vulnerabilities > CVE-2023-49554 - Use After Free vulnerability in Yasm Project Yasm 1.3.0.86.G9Def

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

yasm-project

CWE-416

NVD

Published: 2024-01-03

Updated: 2024-01-09

Summary

Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.

Vulnerable Configurations

Part	Description	Count
Application	Yasm_Project Yasm Project Yasm 1.3.0.86.G9Def	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://github.com/yasm/yasm/issues/249