CVE-2022-44369

NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name	Vendor	Start Version	End Version
Netwide_assembler	Nasm	2.16 (including)	2.16 (including)
Netwide_assembler	Nasm	2.16-rc0 (including)	2.16-rc0 (including)
Netwide_assembler	Nasm	2.16-rc10 (including)	2.16-rc10 (including)
Netwide_assembler	Nasm	2.16-rc11 (including)	2.16-rc11 (including)
Netwide_assembler	Nasm	2.16-rc12 (including)	2.16-rc12 (including)
Netwide_assembler	Nasm	2.16-rc4 (including)	2.16-rc4 (including)
Netwide_assembler	Nasm	2.16-rc5 (including)	2.16-rc5 (including)
Netwide_assembler	Nasm	2.16-rc6 (including)	2.16-rc6 (including)
Netwide_assembler	Nasm	2.16-rc7 (including)	2.16-rc7 (including)
Netwide_assembler	Nasm	2.16-rc8 (including)	2.16-rc8 (including)
Netwide_assembler	Nasm	2.16-rc9 (including)	2.16-rc9 (including)

Potential Mitigations

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392819

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-44369
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References