CVE-2025-8735— GNU cflow Lexer c.c yylex null pointer dereference

GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

空指针解引用

GNU cflow 安全漏洞

GNU cflow是美国GNU社区的一款流程图生成器，它能够读取C语言源文件并生成外部引用的流程图。 GNU cflow 1.8及之前版本存在安全漏洞，该漏洞源于空指针取消引用问题。

N/A

N/A