VDB-319229 · Submit #622298 · ~~CVE-2025-8733~~

GNU Bison up to 3.8.2 obprintf.c __obstack_vprintf_internal assertion 🚫 [False Positive]

Noticeinfo

⚠️ Further analysis revealed that this issues is a false-positive. Please take a look at the sources mentioned and consider not using this entry at all. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container. Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.

Productinfo

Vendor

Name

Bison

Version

License

open-source

Website

Vendor: https://www.gnu.org/

Timelineinfo

08/08/2025 Advisory disclosed
08/08/2025 +0 days VulDB entry created
11/04/2025 +87 days VulDB entry last update

Sourcesinfo

Vendor: gnu.org

Advisory: 113/114
False Positive: Yes
Disputed: 🔍

CVE: CVE-2025-8733 (🔒)
GCVE (CVE): GCVE-0-2025-8733
GCVE (VulDB): GCVE-100-319229
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Misc.: 🔒

Entryinfo

Created: 08/08/2025 10:02
Updated: 11/04/2025 00:23
Changes: 08/08/2025 10:02 (56), 08/08/2025 21:39 (1), 08/09/2025 02:56 (30), 08/19/2025 06:30 (3), 08/19/2025 08:59 (1), 08/23/2025 23:32 (2), 10/28/2025 02:36 (1), 11/04/2025 00:23 (3)
Complete: 🔍
Cache ID: 216::103

Submitinfo

Accepted

Submit #622298: GNU Bison Bison the newest master(2ceaf03-Jul10 in https://cgit.git.savannah.gnu.org/cgit/bison.git) Assertion Failure (by github.com)

Duplicate

Submit #XXXXXX: Xxx Xxxxx Xxxxx Xxx Xxxxxx Xxxxxx(xxxxxxx-xxxxx Xx Xxxxx://xxxx.xxx.xxxxxxxx.xxx.xxx/xxxx/xxxxx.xxx) Xxxxxxxxx Xxxxxxx (by github.com)

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion

No comments yet. Languages: en.

Please log in to comment.

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!