Description
NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
Published: 2026-04-10
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Memory corruption
Action: Immediate patch
AI Analysis

Impact

NASM’s disasm() function contains a stack‑based buffer overflow when formatting disassembly output. The overflow occurs if the slen parameter exceeds the internal buffer, causing an out‑of‑bounds write on the stack. This flaw can corrupt memory and, based on the nature of the overflow, it is inferred that an attacker could potentially execute arbitrary code or compromise the integrity of the running program.

Affected Systems

NASM, the Netwide Assembler, is affected. The CVE explicitly lists version 3.02 rc5 as vulnerable; other releases that share the same vulnerable build of disasm() should be considered at risk until a patch is applied.

Risk and Exploitability

The CVSS score of 7.5 indicates medium to high severity, while the EPSS score of less than 1% suggests it is unlikely to be widely exploited at present. The vulnerability is not included in the CISA KEV catalog, indicating no currently observed widespread exploitation. Exploitation would require an attacker to supply a disassembly string with a slen large enough to overflow the stack; this is inferred to be achievable through local or remote code that calls disasm() on untrusted input.

Generated by OpenCVE AI on April 17, 2026 at 09:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest NASM release that incorporates the hotfix for the disasm buffer overflow.
  • Validate or constrain the slen value passed to disasm() to ensure it does not exceed the expected buffer size.
  • Restrict the use of disasm() to trusted input and avoid processing unsigned or untrusted assembly streams.
  • Monitor logs for abnormal disassemble activity and keep the system updated with vendor security advisories.

Generated by OpenCVE AI on April 17, 2026 at 09:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Nasm netwide Assembler
Weaknesses CWE-787
CPEs cpe:2.3:a:nasm:netwide_assembler:3.02:rc5:*:*:*:*:*:*
Vendors & Products Nasm netwide Assembler

Tue, 14 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121

Tue, 14 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
References
Metrics threat_severity

None

 threat_severity

Important

Mon, 13 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121

Fri, 10 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Nasm
Nasm nasm
Vendors & Products Nasm
Nasm nasm

Fri, 10 Apr 2026 13:45:00 +0000

Type Values Removed Values Added
Description NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
Title CVE-2026-6069
References

Subscriptions

Nasm Nasm Netwide Assembler
cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-04-10T14:53:37.082Z

Reserved: 2026-04-10T13:29:59.611Z

Link: CVE-2026-6069

cve-icon Vulnrichment

Updated: 2026-04-10T14:53:32.866Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-10T14:16:38.820

Modified: 2026-04-16T19:48:48.110

Link: CVE-2026-6069

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-10T13:30:48Z

Links: CVE-2026-6069 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T10:00:03Z

Weaknesses