In Netwide Assembler 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.