cve/CVE-2019-6290.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

POC

Reference

https://bugzilla.nasm.us/show_bug.cgi?id=3392548

Github

https://github.com/ICSE2020-MemLock/MemLock_Benchmark
https://github.com/SZU-SE/MemLock_Benchmark
https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite
https://github.com/fuzz-evaluator/MemLock-Fuzz-eval
https://github.com/tzf-key/MemLock_Benchmark
https://github.com/tzf-omkey/MemLock_Benchmark
https://github.com/wcventure/MemLock-Fuzz
https://github.com/wcventure/MemLock_Benchmark

1.2 KiB Raw Blame History

CVE-2019-6290

Description

POC

Reference

Github

1.2 KiB

Raw Blame History