CVE-2022-46457: 
CBL Mariner vulnerability analysis and mitigation

NASM (Netwide Assembler) version 2.16 was discovered to contain a segmentation violation vulnerability in the component ieeewritefile at /output/outieee.c. The vulnerability was reported on September 15, 2022, and was assigned CVE-2022-46457. This security flaw affects multiple versions of NASM including v2.16 and its release candidates (NVD).

The vulnerability is characterized by a segmentation fault that occurs in the ieeewritefile component. According to the National Vulnerability Database, this issue has been assigned a CVSS v3.1 Base Score of 5.5 (Medium), with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. The bug was confirmed through testing with Address Sanitizer, which revealed a SEGV (segmentation violation) on memory access at address 0x000000000008 (NASM Bugzilla).

The vulnerability results in a crash of the CLI tool when processing certain input files. While the impact is primarily related to system availability through application crashes, there are no reported confidentiality or integrity impacts. The security impact has been classified as unimportant according to Debian's security tracker (Debian Tracker).

The issue has been marked as CLOSED FIXED in the NASM bug tracking system. Users are advised to upgrade to versions newer than 2.16.03 which contains the fix for this vulnerability (NASM Bugzilla).