{"id":"CVE-2018-1000667","details":"NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..","modified":"2026-04-16T04:32:42.517093080Z","published":"2018-09-06T17:29:01.860Z","related":["SUSE-SU-2020:1843-1","openSUSE-SU-2020:0952-1","openSUSE-SU-2020:0954-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html"},{"type":"REPORT","url":"https://bugzilla.nasm.us/show_bug.cgi?id=3392507"},{"type":"EVIDENCE","url":"https://github.com/cyrillos/nasm/issues/3"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc10"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc11"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc12"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc13"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc14"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc15"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc6"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc7"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc8"}]},{"events":[{"introduced":"0"},{"last_affected":"2.14.0-rc9"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000667.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}