CVE-2018-20535: Use After Free

December 28, 2018 (updated January 18, 2019)

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) rc16 that will cause a denial of service during a line-number increment attempt.

References

bugzilla.nasm.us/show_bug.cgi?id=3392530
nvd.nist.gov/vuln/detail/CVE-2018-20535

Detect and mitigate CVE-2018-20535 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →