Login Sign Up

CVE-2019-19787

7.8 HIGH
Buffer Overflow

📋 TL;DR

CVE-2019-19787 is a stack-based buffer overflow vulnerability in ATasm 1.06 that occurs when processing malicious .m65 files. Attackers can exploit this to execute arbitrary code or crash the application. Users of ATasm 1.06 who process untrusted .m65 files are affected.

💻 Affected Systems

Products:
  • ATasm
Versions: Version 1.06 specifically
Operating Systems: Linux, Windows, macOS - any OS running ATasm
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when processing .m65 files. The vulnerability is in the get_signed_expression() function in setparse.c.

📦 What is this software?

Atasm by Atasm Project

View all CVEs affecting Atasm →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the ATasm process, potentially leading to full system compromise if ATasm runs with elevated privileges.

🟠

Likely Case

Application crash (denial of service) or limited code execution within the context of the ATasm process.

🟢

If Mitigated

No impact if ATasm is not used to process untrusted .m65 files or if the vulnerable version is not deployed.

🌐 Internet-Facing: LOW - ATasm is typically used as a local development tool, not exposed to internet traffic.
🏢 Internal Only: MEDIUM - Risk exists if users process untrusted .m65 files from internal sources or compromised repositories.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the victim to process a crafted .m65 file. The bug report on SourceForge includes technical details that could facilitate exploit development.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: ATasm 1.07 or later

Vendor Advisory: https://sourceforge.net/p/atasm/bugs/10/

Restart Required: No

Instructions:

1. Download ATasm 1.07 or later from the official SourceForge repository. 2. Replace the existing ATasm binary with the updated version. 3. Verify the version with 'atasm --version'.

🔧 Temporary Workarounds

Avoid processing untrusted .m65 files

all

Do not use ATasm to assemble or process .m65 files from untrusted sources.

🧯 If You Can't Patch

  • Restrict ATasm usage to trusted users only and audit .m65 file sources.
  • Run ATasm in a sandboxed or isolated environment with minimal privileges.

🔍 How to Verify

Check if Vulnerable:

Check ATasm version: if it's exactly 1.06, it's vulnerable. Use 'atasm --version' or check the installed package version.

Check Version:

atasm --version

Verify Fix Applied:

After updating, run 'atasm --version' and confirm the version is 1.07 or higher.

📡 Detection & Monitoring

Log Indicators:

  • ATasm crash logs or core dumps when processing .m65 files
  • Unexpected process termination of ATasm

Network Indicators:

  • Not applicable - local file processing vulnerability

SIEM Query:

Process monitoring for ATasm crashes or abnormal termination events.

📊 Metadata

CVE ID: CVE-2019-19787
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: December 13, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-19787, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)