CVE-2023-4156

Public on 2023-08-07

Modified on 2024-02-01

Description

A heap out-of-bounds read flaw was found in builtin.c in the gawk package which may result in a crash of the software.

Severity

Low

CVSS v3 Base Score

3.3

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 1	gawk			Pending Fix
Amazon Linux 2 - Core	gawk	2023-11-29	ALAS2-2023-2357	Fixed
Amazon Linux 2023	gawk	2023-08-17	ALAS2023-2023-292	Fixed

	Score Type	Score	Vector
Amazon Linux	CVSSv3	3.3	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
NVD	CVSSv3	4.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L