Upstream information

CVE-2019-7147 at MITRE

Description

A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.

SUSE information

CVSS v3 Scores
  SUSE
Base Score 4.4
Vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Access Vector Local
Access Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality Impact None
Integrity Impact Low
Availability Impact Low
SUSE Bugzilla entry: 1123635 [NEW]

No SUSE Security Announcements cross referenced.