GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attacker may execute bison with crafted input file containing a NULL byte, which could triggers UAF and thus cause system crash. Reference: https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html Upstream patch: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d
Created bison tracking bugs for this issue: Affects: fedora-all [bug 1872738]
Statement: bison as shipped in Red Hat Enterprise Linux 7 and 8 does not reproduce this flaw. It properly detects the NULL byte and errors out accordingly instead of causing use-after-free. This is likely due to introduction of vulnerable code in a more recent version of bison.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-24240