CVE-2024-22653

4.8 MEDIUM

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in Yasm, an assembler used for compiling code. When exploited, it can cause the yasm process to crash, potentially leading to denial of service. This affects systems running vulnerable versions of Yasm when processing malicious assembly files.

💻 Affected Systems

Products:
  • Yasm
Versions: Versions before commit 9defefae (specifically commit 9defefae introduced the vulnerability)
Operating Systems: All platforms where Yasm runs (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where yasm is installed and used to process assembly files. The vulnerability is triggered during assembly file processing.


⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete denial of service for applications relying on yasm, potentially disrupting build pipelines or automated assembly processes.

🟠 Likely Case: Application crash when processing specially crafted assembly files, requiring manual restart of affected processes.

🟢 If Mitigated: Minimal impact with proper input validation and sandboxing of yasm execution.

🌐 Internet-Facing: LOW - Yasm is typically used as a build tool, not directly exposed to internet traffic.
🏢 Internal Only: MEDIUM - Build servers and development environments using yasm could be disrupted by malicious code injection.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available in GitHub issue. Exploitation requires ability to feed malicious assembly files to yasm.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after commit 9defefae (the fix is in later commits)

Vendor Advisory: https://github.com/yasm/yasm/issues/247

Restart Required: No

Instructions:

1. Update yasm to the latest version from the official repository.
2. For source installations: git clone https://github.com/yasm/yasm.git, then build and install.
3. For package managers: use the system package manager to update the yasm package.

🔧 Temporary Workarounds

Input validation and sanitization (platform: all)

Validate and sanitize assembly files before processing with yasm.

Sandbox yasm execution (platform: linux)

Run yasm in isolated containers or sandboxes to limit the impact of crashes. The mount path is quoted and the working directory set to /src so that relative input and output paths in [options] resolve inside the container:

docker run --rm -v "$(pwd)":/src -w /src yasm yasm [options]

🧯 If You Can't Patch

  • Implement strict access controls on who can submit assembly files for processing
  • Monitor yasm processes for crashes and implement automatic restart mechanisms

🔍 How to Verify

Check if Vulnerable:

Check yasm version: yasm --version. If the version predates commit 9defefae (Oct 2023), it's likely vulnerable. Note that yasm --version prints the release version string, not a commit id; for a source build, check the checked-out commit with git log in the source tree.

Check Version:

yasm --version

Verify Fix Applied:

Test with proof-of-concept assembly file from GitHub issue. If yasm doesn't crash, fix is applied.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault or crash logs from yasm process
  • Unexpected termination of build processes using yasm

Network Indicators:

  • None - this is a local code execution vulnerability

SIEM Query:

process_name:yasm AND (event_type:crash OR exit_code:139 OR exit_code:11)
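The crash-monitoring advice under "If You Can't Patch" and the exit codes in the SIEM query above can be turned into a small guard around yasm invocations. The following is an added example, not code from the CVE entry or the Yasm project: it runs yasm under a time limit, maps the exit status to an event label (139 = 128 + SIGSEGV, the signature of a NULL pointer dereference), and emits a log line carrying the process_name/exit_code/event_type fields the query keys on. It assumes POSIX sh and uses coreutils `timeout` when available; the 30 s cap, the `YASM_BIN` variable and the `yasm-guard` log prefix are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the CVE page or the Yasm project): guard a yasm run,
# classify how it ended, and log it in a form the SIEM query can match.
# Assumes POSIX sh; the 30 s cap and YASM_BIN are assumptions of this example.

# Map a shell exit status to an event label. Statuses above 128 mean the process
# was killed by signal (status - 128): 139 is SIGSEGV, the usual result of a NULL
# pointer dereference; 134 is SIGABRT; 124 is what `timeout` returns on the cap.
classify_exit() {
    case "$1" in
        0)   echo "ok" ;;
        124) echo "timeout" ;;
        134) echo "crash:SIGABRT" ;;
        139) echo "crash:SIGSEGV" ;;
        *)   if [ "$1" -gt 128 ]; then echo "crash:signal$(( $1 - 128 ))"
             else echo "error:$1"; fi ;;
    esac
}

# Run a command, log the outcome to stderr, and return 0 on success, 1 for an
# ordinary error (yasm reports syntax errors with status 1) and 2 for a crash or
# timeout, so a pipeline can treat a crash as an incident rather than a bad build.
run_guarded() {
    _label=$1; shift
    if command -v timeout >/dev/null 2>&1; then
        timeout 30 "$@" && _status=0 || _status=$?
    else
        "$@" && _status=0 || _status=$?
    fi
    _class=$(classify_exit "$_status")
    printf 'yasm-guard process_name=yasm input=%s exit_code=%s event_type=%s\n' \
        "$_label" "$_status" "$_class" >&2
    case "$_class" in
        ok)              return 0 ;;
        crash:*|timeout) return 2 ;;
        *)               return 1 ;;
    esac
}

# guard_yasm FILE [yasm options...] : assemble FILE through the guard. Combine
# with the container invocation under Temporary Workarounds to also confine it.
guard_yasm() {
    _file=$1; shift
    run_guarded "$_file" "${YASM_BIN:-yasm}" "$@" "$_file"
}
```

A return value of 2 from guard_yasm is the condition to alert on; a return of 1 is a normal assembly error and should not be confused with this CVE.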
