CVE-2023-49556 in YASMinfo

Summary

by MITRE • 01/03/2024

Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 08/15/2025

The buffer overflow vulnerability identified as CVE-2023-49556 affects YASM version 1.3.0.86.g9def and resides within the libyasm/expr.c component at the expr_delete_term function. This flaw represents a critical security concern that can be exploited by remote attackers to execute denial of service attacks against systems utilizing this assembler. The vulnerability stems from insufficient input validation and memory management within the expression handling subsystem of the YASM toolchain, which processes assembly language expressions during the compilation process.

The technical implementation of this buffer overflow occurs when the expr_delete_term function processes malformed input data without proper bounds checking or memory allocation validation. This function is responsible for cleaning up expression terms during the assembly process, and when confronted with specially crafted input that exceeds expected buffer boundaries, it fails to properly handle the overflow condition. The vulnerability manifests as a classic stack-based buffer overflow scenario where attacker-controlled data overflows into adjacent memory regions, potentially corrupting program execution flow and leading to application termination or system instability. According to CWE classification, this vulnerability maps to CWE-121 Stack-based Buffer Overflow, which occurs when a program writes data beyond the boundaries of a fixed-length stack buffer.

The operational impact of CVE-2023-49556 extends beyond simple denial of service, as it can be leveraged by malicious actors to disrupt legitimate assembly processing workflows. Systems that rely on YASM for compiling assembly code, particularly those in development environments or automated build systems, become vulnerable to exploitation. Attackers can craft malicious assembly inputs that trigger the buffer overflow during compilation, causing the assembler to crash or behave unpredictably. This vulnerability is particularly concerning in continuous integration environments where automated builds may be subject to untrusted input, potentially allowing attackers to disrupt development processes or gain unauthorized access to build infrastructure.

Mitigation strategies for this vulnerability involve immediate patching of YASM to version 1.3.0.86.g9def or later, which contains the necessary fixes for the buffer overflow condition. Organizations should also implement input validation controls and sanitize all assembly code inputs before processing through YASM. From an ATT&CK framework perspective, this vulnerability aligns with techniques involving denial of service through resource exhaustion and code execution manipulation. System administrators should monitor for abnormal process termination or memory consumption patterns that may indicate exploitation attempts. Additionally, implementing sandboxing mechanisms for assembly processing and restricting YASM execution to trusted environments can significantly reduce the attack surface. The vulnerability demonstrates the importance of proper memory management practices in compiler toolchains and highlights the need for rigorous input validation in all components of software development tooling.

Reservation

11/27/2023

Disclosure

01/03/2024

Moderation

accepted

CPE

ready

EPSS

0.00416

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!