A Buffer Overflow vulnerability was found in src/symtab.c in GNU bison 220.127.116.11-cb7dc-dirty. A local attacker may execute bison with crafted input file redefining the EOF token, which could triggers Heap buffer overflow and thus cause system crash.
Created bison tracking bugs for this issue:
Affects: fedora-all [bug 1877776]
This flaw can be mitigated by not supplying untrusted input to be processed by GNU Bison.