Description
NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code execution.
Published: 2026-04-10
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

NASM implements a heap use‑after‑free bug in its response file (-@) handling. A dangling pointer to freed memory is stored in the global depend_file and later dereferenced when the response-file buffer is freed, leading to memory corruption or remote code execution. The weakness is a classic heap use‑after‑free error (CWE‑416). An attacker could exploit the vulnerability by supplying a crafted response file, potentially altering program state or executing arbitrary code.

Affected Systems

The Netwide Assembler (NASM) is the affected product, specifically version 3.02 RC5 as identified by the CPE string. The vulnerability resides in the response-file parser. No other vendors or products are listed.

Risk and Exploitability

The CVSS score of 6.5 places this vulnerability in the moderate severity range. EPSS score is less than 1% and the flaw is not in the CISA KEV catalog, indicating no widespread exploitation. The likely attack vector is local; a user who supplies a crafted response file when invoking NASM can trigger the use‑after‑free. Remote exploitation would require NASM to be exposed as a network‑serviced component, which is unlikely in typical use. The vulnerability may lead to data corruption or remote code execution if the attacker chains it with additional weaknesses.

Generated by OpenCVE AI on May 20, 2026 at 15:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for an updated version of NASM that addresses the issue and install it.
  • If no patch is available, avoid using the response file feature until a fix is released and limit NASM execution to trusted users.
  • Monitor the official NASM issue tracker or mailing list for updates on a fix.
  • As a temporary precaution, run NASM under sandboxing or strict memory protection settings such as address space layout randomization and stack canaries to reduce the risk of arbitrary code execution.

Generated by OpenCVE AI on May 20, 2026 at 15:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 20 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior. NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code execution.

Tue, 19 May 2026 14:30:00 +0000

Type Values Removed Values Added
References

Thu, 16 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Nasm netwide Assembler
CPEs cpe:2.3:a:nasm:netwide_assembler:3.02:rc5:*:*:*:*:*:*
Vendors & Products Nasm netwide Assembler

Tue, 14 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
References

Mon, 13 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-416

Fri, 10 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Nasm
Nasm nasm
Vendors & Products Nasm
Nasm nasm

Fri, 10 Apr 2026 13:45:00 +0000

Type Values Removed Values Added
Description NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior.
Title CVE-2026-6068
References

Subscriptions

Nasm Nasm Netwide Assembler
cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-05-20T14:02:31.446Z

Reserved: 2026-04-10T13:29:25.329Z

Link: CVE-2026-6068

cve-icon Vulnrichment

Updated: 2026-04-10T14:56:23.209Z

cve-icon NVD

Status : Modified

Published: 2026-04-10T14:16:38.723

Modified: 2026-05-20T14:17:02.973

Link: CVE-2026-6068

cve-icon Redhat

Severity :

Publid Date: 2026-04-10T13:30:38Z

Links: CVE-2026-6068 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-20T16:00:06Z

Weaknesses