GNU Bison obprintf.c __obstack_vprintf_internal assertion_CVE-2025-8733

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8733

Source VulDB

Published Aug 8, 2025 at 17:32

Modified Aug 8, 2025 at 17:52

Affected Product

Vendor GNU

Product Bison

Version 3.8.0

Affected Versions GNU Bison 3.8.0
GNU Bison 3.8.1
GNU Bison 3.8.2

CWE Classification

CWE-617

References

{
    "lastseen": "",
    "description": "A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-08T17:32:06.798Z",
    "modified": "2025-08-08T17:52:55.136Z",
    "type": "cve",
    "title": "GNU Bison obprintf.c __obstack_vprintf_internal assertion",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319229\nhttps://vuldb.com/?ctiid.319229\nhttps://vuldb.com/?submit.622298\nhttps://vuldb.com/?submit.622299\nhttps://github.com/akimd/bison/issues/113\nhttps://github.com/akimd/bison/issues/114\nhttps://www.gnu.org/",
    "id": "CVE-2025-8733",
    "bulletinFamily": "",
    "cwe": [
        "CWE-617"
    ],
    "cvelist": null,
    "sourceData": "GNU Bison 3.8.0\nGNU Bison 3.8.1\nGNU Bison 3.8.2",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Bison",
    "version": "3.8.0",
    "vendor": "GNU",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}