CVE-2026-6069

Netwide Assembler · NASM

A stack-based buffer overflow in the NASM disasm() function allows out-of-bounds writes via malicious input.

Executive summary

A stack-based buffer overflow in NASM's disassembly functionality could permit arbitrary code execution when processing malicious files.

Vulnerability

The disasm() function improperly handles memory during disassembly output formatting, leading to a stack-based buffer overflow when the slen parameter exceeds the predefined buffer capacity.
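The bug class described above, as an added example that is not NASM's source code and not part of the original advisory: a formatter that tracks a running output length (called slen here, after the advisory) must stop writing once that length reaches the buffer capacity. The helper names, the 16-byte buffer and the sample mnemonics are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not NASM code). Appends formatted text to out[cap];
 * *slen is the number of bytes already written. A common unsafe pattern is
 * `slen += snprintf(out + slen, cap - slen, ...)` with no check: snprintf
 * returns the length it wanted to write, so slen can pass cap and the next
 * `cap - slen` wraps to a huge size.
 * Returns 0 on success, -1 if the text did not fit or *slen is invalid. */
static int append_checked(char *out, size_t cap, size_t *slen,
                          const char *fmt, ...)
{
    va_list ap;
    int n;
    if (cap == 0 || *slen >= cap)      /* cap - *slen would be 0 or wrap */
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(out + *slen, cap - *slen, fmt, ap);
    va_end(ap);
    if (n < 0)
        return -1;
    if ((size_t)n >= cap - *slen) {    /* truncated: wanted more than was left */
        *slen = cap - 1;               /* index of the terminating NUL */
        return -1;
    }
    *slen += (size_t)n;
    return 0;
}

/* Constructed demo: build "mnemonic r0,r1,..." in a caller-sized buffer.
 * Returns the text length, or -1 if the line was truncated. */
static int format_line(char *out, size_t cap, const char *mnemonic, int nops)
{
    size_t slen = 0;
    int rc = append_checked(out, cap, &slen, "%s", mnemonic);
    for (int i = 0; rc == 0 && i < nops; i++)
        rc = append_checked(out, cap, &slen, "%sr%d", i ? "," : " ", i);
    return rc == 0 ? (int)slen : -1;
}

int main(void)
{
    char line[16];                     /* deliberately small stack buffer */
    int n = format_line(line, sizeof line, "vfmadd231ps", 4);
    printf("rc=%d text=\"%s\"\n", n, line);
    return 0;
}
```
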

Business impact

This vulnerability poses a significant risk to the security of systems processing untrusted assembly code. With a CVSS score of 7.5, successful exploitation could lead to arbitrary code execution, potentially granting an attacker full control over the process environment and the ability to execute unauthorized commands.

Remediation

Immediate Action: Update to the latest version of NASM that includes the security fix for the disasm() function.

Proactive Monitoring: Monitor disassembly tools and processes for abnormal termination or memory corruption errors that might suggest exploitation.

Compensating Controls: Employ memory protection mechanisms such as Address Space Layout Randomization (ASLR) and stack canaries if available to mitigate the impact of buffer overflow attacks.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the risks associated with buffer overflows in foundational development tools, immediate remediation is required. Organizations should ensure that all instances of NASM are updated to patched versions to prevent potential code execution attacks.