GNU Bison Double Free Vulnerability in Code Scanner Buffer Management

Vulnerability

A double free vulnerability has been identified in GNU Bison versions through 3.8.2. The issue occurs in the 'code_free' function within 'src/scan-code.c', where the same memory address is freed multiple times. The double free corrupts the heap and causes the program to crash. Exploitation requires local access. The vulnerability has been publicly disclosed, and a proof-of-concept exploit is available.
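The general pattern behind a double free in a cleanup routine, shown next to an idempotent form, as an added example. This is not Bison's code: the 'code_holder' struct, the function names and the sample string are hypothetical and constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical owner of a heap buffer; a stand-in, not Bison's struct. */
typedef struct {
    char *text;                 /* heap buffer owned by this object */
} code_holder;

static int release_calls;       /* times a release routine reached free() */

/* Copy src (constructed sample input) into a freshly allocated buffer. */
int holder_init(code_holder *h, const char *src) {
    size_t n = strlen(src) + 1;
    h->text = malloc(n);
    if (h->text == NULL) return -1;
    memcpy(h->text, src, n);
    return 0;
}

/* Defective pattern: the pointer keeps the freed address, so a second
   cleanup pass hands the same address to free() again (double free). */
void holder_free_unsafe(code_holder *h) {
    free(h->text);
    release_calls++;
}

/* Hardened pattern: clear the pointer on release so cleanup is idempotent. */
void holder_free(code_holder *h) {
    if (h == NULL || h->text == NULL) return;
    free(h->text);
    h->text = NULL;
    release_calls++;
}

/* Run two cleanup passes over one object; returns how many reached free(). */
int demo_idempotent_cleanup(void) {
    code_holder h;
    release_calls = 0;
    if (holder_init(&h, "$$ = $1;") != 0) return -1;
    holder_free(&h);
    holder_free(&h);            /* second pass is a no-op */
    return (h.text == NULL) ? release_calls : -1;
}

int main(void) {
    return demo_idempotent_cleanup() == 1 ? 0 : 1;
}
```

Compiling with -fsanitize=address makes a second call to the unsafe variant on the same object stop with a double-free report instead of silently corrupting the heap.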

Impact

Exploitation of this vulnerability causes a double free error, leading to heap corruption and a program crash. Such memory corruption vulnerabilities can often be exploited to execute arbitrary code.

Reproduction

The vulnerability can be reproduced by running Bison on a specially crafted grammar file that triggers the double free error. The proof-of-concept file 'POC_bison_memory_corruption_doublefree', which is available for download, serves as that input.

Added: Aug 8, 2025, 6:17 PM
Updated: Aug 8, 2025, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 6.0
remediation: 8.3
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.