CVE-2025-8734

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8734
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

04 Nov 2025, 00:15

Type Values Removed Values Added
CVSS v2 : 1.7
v3 : 3.3 		v2 : unknown
v3 : unknown
CWE CWE-415
CWE-119
Summary
  • (es) Se ha encontrado una vulnerabilidad clasificada como problemática en GNU Bison hasta la versión 3.8.2. La función code_free del archivo src/scan-code.c se ve afectada. La manipulación provoca una doble liberación. El ataque debe abordarse localmente. Se ha hecho público el exploit y puede que sea utilizado.
Summary (en) A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this vulnerability is currently in question. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container. (en) Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
References
  • {'url': 'https://drive.google.com/file/d/123Qe44FaC-GP88dWNl9-6H4jLWUcXYNZ/view?usp=drive_link', 'source': 'cna@vuldb.com'}
  • {'url': 'https://github.com/akimd/bison/issues/115', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?ctiid.319230', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?id.319230', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?submit.622300', 'source': 'cna@vuldb.com'}
  • {'url': 'https://www.gnu.org/', 'source': 'cna@vuldb.com'}
  • {'url': 'https://www.openwall.com/lists/oss-security/2025/10/27/12', 'source': 'af854a3a-2127-422b-91ae-364da2661108'}

28 Oct 2025, 01:16

Type Values Removed Values Added
References
  • () https://www.openwall.com/lists/oss-security/2025/10/27/12 -

19 Aug 2025, 05:15

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad clasificada como problemática en GNU Bison hasta la versión 3.8.2. La función code_free del archivo src/scan-code.c se ve afectada. La manipulación provoca una doble liberación. El ataque debe abordarse localmente. Se ha hecho público el exploit y puede que sea utilizado.
Summary (en) A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. (en) A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this vulnerability is currently in question. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container.

08 Aug 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-08 18:15

Updated : 2025-11-04 00:15

NVD link : CVE-2025-8734

Mitre link : CVE-2025-8734

CVE.ORG link : CVE-2025-8734

JSON object : View

Products Affected

No product.

CWE

No CWE.