CHICKEN Scheme Buffer overrun vulnerability

2013.09.27
Credit: Peter Bex
Risk: High
Local: Yes
Remote: No
CWE: CWE-119


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

I'd like to request a CVE for a recently discovered vulnerability in CHICKEN Scheme. It affects a very particular, not very common use of the read-string! procedure. If given a buffer and #f (the Scheme value for "false") as the buffer's size (which should trigger automatic size detection but doesn't), it will read beyond the buffer, until the input port (file, socket, etc) is exhausted. This may result in the typical potential remote code execution or denial of service; in CHICKEN, these buffers are initially allocated on the stack and moved to the heap upon GC.

In normal usage, users would usually pass in the buffer's size. This is also the workaround for this bug.

For the official announcement, see http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html

The discussion thread's final accepted patch is at http://lists.nongnu.org/archive/html/chicken-hackers/2013-09/msg00009.html which got applied as http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=cd1b9775005ebe220ba11265dbf5396142e65f26

All versions of CHICKEN prior to 4.8.0.5 and 4.8.3 (not yet released) are affected.

Cheers,
Peter Bex
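The workaround the advisory describes (always passing the buffer's real length to read-string! rather than #f) as an added example written for this page; it is not code from the advisory or from the CHICKEN project. It assumes CHICKEN 4.x, where read-string! is provided by the extras unit, takes the count as its first argument and returns the number of characters actually stored (0 at end of input); the procedure name copy-port-bounded and the 16-character default chunk size are choices made here.

```scheme
;; Added example, not from the advisory: bounded reading with read-string!.
;; Assumes CHICKEN 4.x (read-string! lives in the extras unit).
(use extras)

;; Copy everything from PORT into a fresh string, reading in fixed-size
;; chunks. The count handed to read-string! is the buffer's own length,
;; never #f, so the read can never run past the end of BUF. Returns two
;; values: the collected text and the total character count.
(define (copy-port-bounded port #!optional (chunk-size 16))
  (let ((buf (make-string chunk-size #\space))
        (out (open-output-string)))
    (let loop ((total 0))
      ;; read-string! fills at most (string-length buf) characters and
      ;; reports how many it stored; 0 means the port is exhausted.
      (let ((n (read-string! (string-length buf) buf port)))
        (if (zero? n)
            (values (get-output-string out) total)
            (begin
              ;; Only the first N characters of BUF are valid this round.
              (display (substring buf 0 n) out)
              (loop (+ total n))))))))

;; The pattern the advisory warns about, shown for contrast and never
;; executed here: on affected versions, (read-string! #f buf port) keeps
;; reading past the end of BUF until the port is exhausted.

;; Usage on a constructed in-memory port (no files or sockets needed).
(define (demo)
  (call-with-values
    (lambda () (copy-port-bounded (open-input-string "hello, world") 4))
    (lambda (text total)
      (print "read " total " characters: " text))))

(demo)
```

The chunk size is deliberately smaller than the sample input so the loop is exercised more than once; each iteration trusts only the count read-string! returns, which is what keeps the copy within the buffer regardless of how much data the port holds.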

References:

http://seclists.org/oss-sec/2013/q3/668
http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=cd1b9775005ebe220ba11265dbf5396142e65f26
Copyright 2024, cxsecurity.com
