From 90dababcb45a554034f613ebaee55157e4e786b8 Mon Sep 17 00:00:00 2001
From: Ratiranjan Behera
Date: Tue, 10 Mar 2026 05:40:33 +0000
Subject: [PATCH] Patch nasm for CVE-2022-46456
---
SPECS/nasm/CVE-2022-46456.patch | 85 +++++++++++++++++++++++++++++++++
SPECS/nasm/nasm.spec | 10 +++-
2 files changed, 93 insertions(+), 2 deletions(-)
create mode 100644 SPECS/nasm/CVE-2022-46456.patch
diff --git a/SPECS/nasm/CVE-2022-46456.patch b/SPECS/nasm/CVE-2022-46456.patch
new file mode 100644
index 00000000000..247569a5dbf
--- /dev/null
+++ b/SPECS/nasm/CVE-2022-46456.patch
@@ -0,0 +1,85 @@
+From e05867ce3dfe303186f6c66df20251bfd828fd49 Mon Sep 17 00:00:00 2001
+From: "H. Peter Anvin"
+Date: Sat, 30 Aug 2025 16:16:43 -0700
+Subject: [PATCH] ndisasm: make the assembler (hopefully) work again
+
+- Significantly overhauled the disassembler internals to make
+ better use of the information already in the instruction template
+ and to reduce the implementation differences with the assembler
+- Add APX support to the disassembler
+- Fix problem with disassembler truncating addresses of jumps
+- Fix generation of invalid EAs in 16-bit mode
+- Fix array overrun for types in a few modules
+- Fix invalid ND flag on near JMP
+
+Signed-off-by: H. Peter Anvin (Intel)
+
+Upstream Patch Reference: https://github.com/netwide-assembler/nasm/commit/e05867ce3dfe303186f6c66df20251bfd828fd49
+---
+ output/outdbg.c | 43 +++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 39 insertions(+), 4 deletions(-)
+
+diff --git a/output/outdbg.c b/output/outdbg.c
+index e7a9a4e..04cb3dd 100644
+--- a/output/outdbg.c
++++ b/output/outdbg.c
+@@ -408,9 +408,44 @@ dbg_pragma(const struct pragma *pragma)
+ return DIRR_OK;
+ }
+
+-static const char * const types[] = {
+- "unknown", "label", "byte", "word", "dword", "float", "qword", "tbyte"
+-};
++static const char *type_name(uint32_t type)
++{
++ switch (TYM_TYPE(type)) {
++ case TY_UNKNOWN:
++ return "unknown";
++ case TY_LABEL:
++ return "label";
++ case TY_BYTE:
++ return "byte";
++ case TY_WORD:
++ return "word";
++ case TY_DWORD:
++ return "dword";
++ case TY_FLOAT:
++ return "float";
++ case TY_QWORD:
++ return "qword";
++ case TY_TBYTE:
++ return "tbyte";
++ case TY_OWORD:
++ return "oword";
++ case TY_YWORD:
++ return "yword";
++ case TY_ZWORD:
++ return "zword";
++ case TY_COMMON:
++ return "common";
++ case TY_SEG:
++ return "seg";
++ case TY_EXTERN:
++ return "extern";
++ case TY_EQU:
++ return "equ";
++ default:
++ return "";
++ }
++}
++
+ static void dbgdbg_init(void)
+ {
+ fprintf(ofile, "dbg init: debug information enabled\n");
+@@ -457,7 +492,7 @@ static void dbgdbg_output(int output_type, void *param)
+ static void dbgdbg_typevalue(int32_t type)
+ {
+ fprintf(ofile, "dbg typevalue: %s(%"PRIX32")\n",
+- types[TYM_TYPE(type) >> 3], TYM_ELEMENTS(type));
++ type_name(type), TYM_ELEMENTS(type));
+ }
+
+ static void
+--
+2.45.4
+
diff --git a/SPECS/nasm/nasm.spec b/SPECS/nasm/nasm.spec
index 77a8af265d0..53ac1226bf3 100644
--- a/SPECS/nasm/nasm.spec
+++ b/SPECS/nasm/nasm.spec
@@ -1,20 +1,23 @@ Summary: Netwide Assembler. Name: nasm Version: 2.16.01 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD Vendor: Microsoft Corporation Distribution: Azure Linux Group: System Environment/Libraries URL: https://www.nasm.us Source0: http://www.nasm.us/pub/nasm/releasebuilds/%{version}/%{name}-%{version}.tar.gz +Patch0: CVE-2022-46456.patch +BuildRequires: perl +BuildRequires: perl(File::Find) ExclusiveArch: x86_64 %description NASM (Netwide Assembler) is an 80x86 assembler designed for portability and modularity. It includes a disassembler as well. %prep -%setup -q +%autosetup -p1 %build %configure
@@ -33,6 +36,9 @@ make %{?_smp_mflags} -k test %{_datadir}/* %changelog +* Mon Mar 09 2026 Ratiranjan Behera - 2.16.01-2 +- Add patch for CVE-2022-46456 + * Fri Oct 27 2023 CBL-Mariner Servicing Account - 2.16.01-1 - Auto-upgrade to 2.16.01 - Azure Linux 3.0 - package upgrades
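Review bot: The header of the added patch keeps the whole upstream commit message (disassembler overhaul, APX support, jump address truncation, 16-bit EA fix), but its diffstat and its only file section touch `output/outdbg.c`, so the file reads as if it applied far more than it does. A line under the upstream reference such as `Backport note: only the output/outdbg.c hunks are taken (type_name() replaces the unchecked types[TYM_TYPE(type) >> 3] lookup in dbgdbg_typevalue).` would record that this is a partial backport and which bullet is the actual fix. That bullet says "Fix array overrun for types in a few modules", so it is worth confirming against the referenced commit whether other output modules in 2.16.01 index a type table the same way, since this patch does not touch them. The `default:` arm of `type_name()` returns `""` as shown on this page, so an unrecognised type code prints as an empty name in the `dbg typevalue:` line; check that against upstream too.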
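Review bot: The two new `BuildRequires` lines (`perl` and `perl(File::Find)`) in the first nasm.spec hunk come with no stated reason, and the patch added alongside them changes only a C source file, so a later maintainer cannot tell whether they are a consequence of applying `Patch0` or an unrelated build fix. A short spec comment above them, for example `# perl is required at build time because <reason>`, with the reason filled in by the author, would settle that. The changelog entry could also name the affected function (`dbgdbg_typevalue` in `output/outdbg.c`), so the scope of the CVE fix is visible without opening the patch.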