Описание
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected | |
| jammy | not-affected | |
| noble | not-affected | |
| plucky | not-affected | |
| questing | not-affected | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
Связанные уязвимости
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Уязвимость универсального генератора парсеров GNU Bison, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю вызвать отказ в обслуживании
