CVE-2025-8733

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-8733

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8733.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-8733

Downstream

DEBIAN-CVE-2025-8733

UBUNTU-CVE-2025-8733

Published

2025-08-08T18:15:29Z

Modified

2026-04-10T05:36:24.220585Z

Summary

[none]

Details

A flaw has been found in GNU Bison up to 3.8.2. This affects the function __obstackvprintfinternal of the file obprintf.c. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been published and may be used. It is still unclear if this vulnerability genuinely exists. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container.

Database specific

{
    "isDisputed": true
}

References

https://github.com/akimd/bison/issues/113
https://github.com/akimd/bison/issues/114
https://vuldb.com/?ctiid.319229
https://vuldb.com/?id.319229
https://vuldb.com/?submit.622298
https://vuldb.com/?submit.622299
https://www.gnu.org/

CVE-2025-8733

Affected packages