GNU Bison scan-code.c code_free double free

...

CVE-2025-8734

A flaw was found in bison. The codefree function in src/scan-code.c is susceptible to a double-free condition due to improper memory management, allowing a local attacker to trigger a memory corruption issue. This manipulation occurs when processing specially crafted input, resulting in a potenti...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the handleactiondollar function in scan-code.l. An attacker can cause a reachable assertion failure by providing crafted input to this function, potentially leading to a denial of service on the local system...

UBUNTU-CVE-2025-8734

A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function codefree of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this...

CVE-2025-8734

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...

CVE-2025-8734

Removed by vendor...

PT-2025-32389 · Gnu +1 · Gnu Bison +1

Name of the Vulnerable Software and Affected Versions: GNU Bison versions through 3.8.2 Description: A problematic vulnerability has been found in GNU Bison. The issue affects the code free function within the src/scan-code.c file, leading to a double free condition. The attack requires local...