CVE-2017-10686: Use After Free

June 29, 2017 (updated March 28, 2019)

In Netwide Assembler (NASM) rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack.

References

bugzilla.nasm.us/show_bug.cgi?id=3392414
nvd.nist.gov/vuln/detail/CVE-2017-10686
security.gentoo.org/glsa/201903-19
usn.ubuntu.com/3694-1/

Code Behaviors & Features

Detect and mitigate CVE-2017-10686 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →