CVE-2025-8845
Publication date 11 August 2025
Last updated 13 August 2025
Ubuntu priority
Description
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Why is this CVE low priority?
localhost access is needed
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| nasm | 26.04 LTS resolute |
Needs evaluation
|
| 25.10 questing |
Needs evaluation
|
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial | Ignored end of ESM support, was needs-triage |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
5.3 · Medium
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L