Amazon Linux 1 Security Advisory: ALAS-2023-1724
Advisory Release Date: 2023-03-30 22:50 Pacific
Advisory Updated Date: 2023-04-05 20:22 Pacific
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c. (CVE-2021-33454)
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c. (CVE-2021-33459)
Affected Packages:
yasm
Issue Correction:
Run yum update yasm to update your system.
i686:
yasm-devel-1.2.0-1.5.amzn1.i686
yasm-1.2.0-1.5.amzn1.i686
yasm-debuginfo-1.2.0-1.5.amzn1.i686
src:
yasm-1.2.0-1.5.amzn1.src
x86_64:
yasm-devel-1.2.0-1.5.amzn1.x86_64
yasm-1.2.0-1.5.amzn1.x86_64
yasm-debuginfo-1.2.0-1.5.amzn1.x86_64