CVE-2023-4156
Published: 8 August 2023
[heap out of bound read in builtin.c]
Priority
Status
| Package | Release | Status |
|---|---|---|
|
gawk Launchpad, Ubuntu, Debian |
trusty |
Released
(1:4.0.1+dfsg-2.1ubuntu2+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
| xenial |
Released
(1:4.1.3+dfsg-0.1ubuntu0.1~esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| bionic |
Released
(1:4.1.4+dfsg-1ubuntu0.1~esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| focal |
Released
(1:5.0.1+dfsg-1ubuntu0.1)
|
|
| jammy |
Released
(1:5.1.0-1ubuntu0.1)
|
|
| lunar |
Not vulnerable
(1:5.2.1-2)
|
|
| upstream |
Released
(1:5.2.1-1)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4156
- https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00000.html
- https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00023.html
- https://git.savannah.gnu.org/gitweb/?p=gawk.git;a=commitdiff;h=e709eb829448ce040087a3fc5481db6bfcaae212 (gawk-5.2.0)
- https://ubuntu.com/security/notices/USN-6373-1
- NVD
- Launchpad
- Debian