CVE-2025-8844 MEDIUM

CVE-2025-8844: NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference

Vendor Nasm
Product Netwide Assember
Weakness CWE-476
Published August 11, 2025
Last update August 11, 2025

CVSS base score

4.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

August 11, 2025 CVE published
August 11, 2025 Record updated