Klovo

Klovo's Trophy Case

An incomplete list of recent bugs found by Klovo:

ApplicationSuiteBug typeBug report
doc/chewGNU Binutils 2.45heap buffer overflowhttps://sourceware.org/bugzilla/show_bug.cgi?id=33513
doc/chewGNU Binutils 2.45null dereferencehttps://sourceware.org/bugzilla/show_bug.cgi?id=33514
awkBusybox 1.36.1null dereferencehttps://bugs.busybox.net/show_bug.cgi?id=15655
bcBusybox 1.36.1heap buffer overflowhttps://bugs.busybox.net/show_bug.cgi?id=15646
odBusybox 1.36.1global buffer overflowhttps://bugs.busybox.net/show_bug.cgi?id=15649
tsortBusybox 1.36.1heap use after freehttps://bugs.busybox.net/show_bug.cgi?id=15652
b2sumGNU Coreutils 9.3heap buffer overflowhttps://debbugs.gnu.org/cgi/bugreport.cgi?bug=64229
unexpandGNU Coreutils 9.8heap buffer overflowhttps://debbugs.gnu.org/cgi/bugreport.cgi?bug=79555
decorateGNU datamash 1.9heap buffer overflowhttps://lists.gnu.org/archive/html/bug-datamash/2025-10/msg00000.html
gcalGNU gcal 4.2heap buffer overflowhttps://savannah.gnu.org/bugs/index.php?67572
gcalGNU gcal 4.2null dereferencehttps://savannah.gnu.org/bugs/index.php?67573
basenamesbase 530407segmentation faulthttps://lists.suckless.org/dev/2510/35886.html
cronsbase 530407segmentation faulthttps://lists.suckless.org/dev/2306/35261.html
edsbase 530407global buffer overflowhttps://lists.suckless.org/dev/2511/35899.html1
grepsbase 530407global buffer overflowhttps://lists.suckless.org/dev/2511/35898.html1
sha512-224sumsbase 530407stack buffer overflowhttps://lists.suckless.org/dev/2510/35888.html
trsbase 530407heap buffer overflowhttps://lists.suckless.org/dev/2510/35887.html
dateToybox 0.8.9null dereferencehttps://github.com/landley/toybox/issues/437
findToybox 0.8.12stack buffer overflowhttps://github.com/landley/toybox/issues/578
getoptToybox 0.8.12heap buffer overflowhttps://github.com/landley/toybox/issues/571
mkpasswdToybox 0.8.12global buffer overflowhttps://github.com/landley/toybox/issues/573
patchToybox 0.8.12heap buffer overflowhttps://github.com/landley/toybox/issues/572
printfToybox 0.8.12out of bounds readhttps://github.com/landley/toybox/issues/574
sedToybox 0.8.12heap buffer overflowhttps://github.com/landley/toybox/issues/579

Footnotes

  1. Original email not available on list server. 2