NASM Netwide Assember preproc.c do_directive use after free_CVE-2025-8842

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8842

Source VulDB

Published Aug 11, 2025 at 10:32

Affected Product

Vendor NASM

Product Netwide Assember

Version 2.17rc0

Affected Versions NASM Netwide Assember 2.17rc0

CWE Classification

CWE-416 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-11T10:32:09.151Z",
    "modified": "2025-08-11T10:32:09.151Z",
    "type": "cve",
    "title": "NASM Netwide Assember preproc.c do_directive use after free",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319376\nhttps://vuldb.com/?ctiid.319376\nhttps://vuldb.com/?submit.623184\nhttps://bugzilla.nasm.us/show_bug.cgi?id=3392933\nhttps://drive.google.com/file/d/11vEV1vMHXO4BrDGhvWAMm0Qo1woiUwVV/view?usp=drive_link",
    "id": "CVE-2025-8842",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "NASM Netwide Assember 2.17rc0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Netwide Assember",
    "version": "2.17rc0",
    "vendor": "NASM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}