USN-6373-1: gawk vulnerability
14 September 2023
gawk could be made to crash if it received specially crafted input.
- gawk - GNU awk, a pattern scanning and processing language
It was discovered that gawk could be made to read out of bounds when
processing certain inputs. If a user or an automated system were tricked
into opening a specially crafted input, an attacker could possibly use
this issue to cause a denial of service.
The problem can be corrected by updating your system to the following package versions:
- gawk - 1:4.1.4+dfsg-1ubuntu0.1~esm1
- gawk - 1:4.1.3+dfsg-0.1ubuntu0.1~esm1
- gawk - 1:4.0.1+dfsg-2.1ubuntu2+esm1
In general, a standard system update will make all the necessary changes.