Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 24.04 LTS NASM Security Advisory USN-8248-2 CVE-2023-31722

ubuntu
Calendar Grey May 8, 2026
Dist Ubuntu Esm H88
Update addresses regression in NASM due to previous patches, ensuring stability on Ubuntu 24.04 LTS.
USN-8248-1 introduced a regression in NASM

Summary

USN-8248-1 introduced a regression in NASM

Software Description:

- nasm: Netwide Assembler

Details:

USN-8248-1 fixed vulnerabilities in NASM. Unfortunately the update

introduced a regression which could cause NASM to crash. This update fixes

the problem by reverting the fix for CVE-2021-33450 and CVE-2021-33452 in

Ubuntu 24.04 LTS.

We apologize for the inconvenience.

Original advisory details:

Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow

when handling certain input. An attacker could possibly use this issue to

cause NASM to crash, resulting in a denial of service, or possibly

execute arbitrary code. (CVE-2023-31722)

It was discovered that NASM incorrectly handled memory allocation. An

attacker could possibly use this issue to cause NASM to use excessive

resources, leading to a denial of service. This issue only affected

Ubuntu 24.04 LTS. (CVE-2021-33452, CVE-2021-33450)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  nasm                            2.16.01-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8248-2

https://ubuntu.com/security/notices/USN-8248-1

CVE-2021-33450, CVE-2021-33452, https://launchpad.net/bugs/2151861

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8248-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here