[Nasm-devel] NASM Flaw Analysis : CVE-2021-45256 and CVE-2021-45257 | Bugzilla Down
Cyrill Gorcunov
gorcunov at gmail.com
Wed Jan 5 05:03:41 PST 2022
On Wed, Jan 05, 2022 at 03:50:09PM +0530, Tej Rathi wrote:
> Hello,
> I am performing an analysis of CVE-2021-45256 and CVE-2021-45257 on behalf
> of Red Hat Product Security, and it seems like https://bugzilla.nasm.us/
> is down. Let us know when it's going to be up again or kindly revert back
> with appropriate details regarding the given flaw or other references (if
> any).
> We would appreciate your consideration and review.
> CVE-2021-45256:
> Flaw Summary: CVE-2021-45256 nasm: Null pointer dereference via
> asm/preproc.c
> CVE-2021-45257:
> Flaw Summary: CVE-2021-45257 nasm: Infinite loop via the gpaste_tokens
> function
> References:
>
> https://bugzilla.nasm.us/show_bug.cgi?id=3392789
> https://bugzilla.nasm.us/show_bug.cgi?id=3392790
>
>
> Thank you for your time and consideration.
Thanks a huge, Tej! I'll take a look once time permit. Have not clue why
bugzilla is down for a while. I'm on vacation right now but will try to
take a look once I've get spare minutes.
More information about the Nasm-devel
mailing list