Vulnerability - CVE-2023-31975

Name

CVE-2023-31975

Source

NVD ( link)Debian ( link)

Description

yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.

CWEs

CWE-401 CWE-401

Published Date

May 9, 2023

Updated Date

Jun 17, 2026

Workaround

Advisories

http://www.openwall.com/lists/oss-security/2023/06/20/6Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/10Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/13Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/2Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/5Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/7Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/8Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/9Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/1Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/3Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/6Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/1Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/2Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/4Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/8Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/9Mailing List

http://www.openwall.com/lists/oss-security/2023/06/24/1Mailing List

https://github.com/yasm/yasm/issues/210Exploit

http://www.openwall.com/lists/oss-security/2023/06/20/6Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/10Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/13Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/2Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/5Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/7Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/8Mailing List

http://www.openwall.com/lists/oss-security/2023/06/21/9Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/1Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/3Mailing List

http://www.openwall.com/lists/oss-security/2023/06/22/6Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/1Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/2Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/4Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/8Mailing List

http://www.openwall.com/lists/oss-security/2023/06/23/9Mailing List

http://www.openwall.com/lists/oss-security/2023/06/24/1Mailing List

https://github.com/yasm/yasm/issues/210Exploit

Analysis#

Affected Component

Analysis

yasm

Exploitable

Vulnerability Ratings#

3.3

CVSSv31

3.3

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

yasm

buildroot

master

1.3.0

Exploitable

yasm

yocto

kirkstone

1.3.0+gitX

Patched

yasm

yocto

scarthgap

1.3.0+git

Patched

Resolved with patches#

yasm (yocto:kirkstone)

Title

Author

Resolve

Fix memory leak in bin-objfmt (#231)

Katsuhiko Gondow <gondow@cs.titech.ac.jp>

CVE-2023-31975

yasm (yocto:scarthgap)

Title

Author

Resolve

Fix memory leak in bin-objfmt (#231)

Katsuhiko Gondow <gondow@cs.titech.ac.jp>

CVE-2023-31975