Vulnerability Database

314,342

Total vulnerabilities in the database

CVE-2025-8842

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Published: Aug 11, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-8842
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS v2:

Severity: Low
Score: 4.3
AV:L/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-119
CWE-416

Affected Software
References

Software	From	Fixed in
nasm / netwide_assembler	2.17-rc0	2.17-rc0.x

https://bugzilla.nasm.us/show_bug.cgi?id=3392933
https://drive.google.com/file/d/11vEV1vMHXO4BrDGhvWAMm0Qo1woiUwVV/view?usp=drive_link
https://vuldb.com/?ctiid.319376
https://vuldb.com/?id.319376
https://vuldb.com/?submit.623184

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo