Vulnerability Details CVE-2025-8846
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.5%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
References
- https://bugzilla.nasm.us/show_bug.cgi?id=3392938
- https://drive.google.com/file/d/1MQGtdnz58vRF2fAeJMJ4VGiBQWXpnqfy/view?usp=drive_link
- https://vuldb.com/?ctiid.319380
- https://vuldb.com/?id.319380
- https://vuldb.com/?submit.623189
- https://bugzilla.nasm.us/show_bug.cgi?id=3392938
- https://vuldb.com/?submit.623189
Products affected by CVE-2025-8846
-
cpe:2.3:a:nasm:netwide_assembler:2.17