CVE-2025-8842 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-8842 Interim 1 2 2025-09-22T08:07:17Z current 2025-08-13T23:32:37Z 2025-09-22T08:07:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-8842 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SLES-LTSS-TERADATA 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SP6 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Module for Development Tools 15 SP6 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Module for Development Tools 15 SP6 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server Teradata 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP6 SUSE Linux Enterprise Module for Development Tools 15 SP7 openSUSE Leap 15.6 nasm nasm as a component of SLES-LTSS-TERADATA 15 SP2 nasm as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS nasm as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS nasm as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS nasm as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS nasm as a component of SUSE Linux Enterprise Module for Development Tools 15 SP6 nasm as a component of SUSE Linux Enterprise Module for Development Tools 15 SP7 nasm as a component of SUSE Linux Enterprise Server 15 SP1-LTSS nasm as a component of SUSE Linux Enterprise Server 15 SP2-LTSS nasm as a component of SUSE Linux Enterprise Server 15 SP3-LTSS nasm as a component of SUSE Linux Enterprise Server 15 SP4-LTSS nasm as a component of SUSE Linux Enterprise Server 15 SP5-LTSS nasm as a component of SUSE Linux Enterprise Server 15-LTSS nasm as a component of SUSE Linux Enterprise Server Teradata 15 SP4 nasm as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 nasm as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 nasm as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 nasm as a component of openSUSE Leap 15.6 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. CVE-2025-8842 SLES-LTSS-TERADATA 15 SP2:nasm SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nasm SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nasm SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nasm SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nasm SUSE Linux Enterprise Module for Development Tools 15 SP6:nasm SUSE Linux Enterprise Module for Development Tools 15 SP7:nasm SUSE Linux Enterprise Server 15 SP1-LTSS:nasm SUSE Linux Enterprise Server 15 SP2-LTSS:nasm SUSE Linux Enterprise Server 15 SP3-LTSS:nasm SUSE Linux Enterprise Server 15 SP4-LTSS:nasm SUSE Linux Enterprise Server 15 SP5-LTSS:nasm SUSE Linux Enterprise Server 15-LTSS:nasm SUSE Linux Enterprise Server Teradata 15 SP4:nasm SUSE Linux Enterprise Server for SAP Applications 15 SP3:nasm SUSE Linux Enterprise Server for SAP Applications 15 SP4:nasm SUSE Linux Enterprise Server for SAP Applications 15 SP5:nasm openSUSE Leap 15.6:nasm low 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L