OESA-2023-1575

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1575
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1575.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2023-1575
Upstream
Published
2023-09-02T11:05:49Z
Modified
2025-09-03T06:19:26.305627Z
Summary
gawk security update
Details

The gawk package is the GNU implementation of awk. The awk utility interprets a special-purpose programming language that makes it possible to handle simple data-reformatting jobs with just a few lines of code.

Security Fix(es):

A heap out-of-bounds read exists in builtin.c of gawk prior to version 5.1.1. The array "the_args" is indexed with the unsafe value "val", and the code does not validate that the index refers to a valid position in the array (e.g., the index may be exceedingly large or negative). The vulnerability can crash the software and might be used by attackers to read sensitive information.

https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00000.html
https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00023.html
https://fossies.org/linux/gawk/ChangeLog#470 (lines 470-475)
(CVE-2023-4156)

Database specific
{
    "severity": "Low"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / gawk

Package

Name
gawk
Purl
pkg:rpm/openEuler/gawk&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.0.1-5.oe1

Ecosystem specific

{
    "x86_64": [
        "gawk-debugsource-5.0.1-5.oe1.x86_64.rpm",
        "gawk-5.0.1-5.oe1.x86_64.rpm",
        "gawk-devel-5.0.1-5.oe1.x86_64.rpm",
        "gawk-lang-5.0.1-5.oe1.x86_64.rpm",
        "gawk-debuginfo-5.0.1-5.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "gawk-lang-5.0.1-5.oe1.aarch64.rpm",
        "gawk-5.0.1-5.oe1.aarch64.rpm",
        "gawk-debugsource-5.0.1-5.oe1.aarch64.rpm",
        "gawk-debuginfo-5.0.1-5.oe1.aarch64.rpm",
        "gawk-devel-5.0.1-5.oe1.aarch64.rpm"
    ],
    "noarch": [
        "gawk-help-5.0.1-5.oe1.noarch.rpm"
    ],
    "src": [
        "gawk-5.0.1-5.oe1.src.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / gawk

Package

Name
gawk
Purl
pkg:rpm/openEuler/gawk&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.0.1-5.oe1

Ecosystem specific

{
    "x86_64": [
        "gawk-5.0.1-5.oe1.x86_64.rpm",
        "gawk-lang-5.0.1-5.oe1.x86_64.rpm",
        "gawk-devel-5.0.1-5.oe1.x86_64.rpm",
        "gawk-debuginfo-5.0.1-5.oe1.x86_64.rpm",
        "gawk-debugsource-5.0.1-5.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "gawk-devel-5.0.1-5.oe1.aarch64.rpm",
        "gawk-debuginfo-5.0.1-5.oe1.aarch64.rpm",
        "gawk-lang-5.0.1-5.oe1.aarch64.rpm",
        "gawk-5.0.1-5.oe1.aarch64.rpm",
        "gawk-debugsource-5.0.1-5.oe1.aarch64.rpm"
    ],
    "noarch": [
        "gawk-help-5.0.1-5.oe1.noarch.rpm"
    ],
    "src": [
        "gawk-5.0.1-5.oe1.src.rpm"
    ]
}

openEuler:22.03-LTS / gawk

Package

Name
gawk
Purl
pkg:rpm/openEuler/gawk&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.1.1-5.oe2203sp2

Ecosystem specific

{
    "x86_64": [
        "gawk-debugsource-5.1.1-4.oe2203.x86_64.rpm",
        "gawk-5.1.1-4.oe2203.x86_64.rpm",
        "gawk-debuginfo-5.1.1-4.oe2203.x86_64.rpm",
        "gawk-devel-5.1.1-4.oe2203.x86_64.rpm",
        "gawk-lang-5.1.1-4.oe2203.x86_64.rpm",
        "gawk-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp2.x86_64.rpm"
    ],
    "aarch64": [
        "gawk-devel-5.1.1-4.oe2203.aarch64.rpm",
        "gawk-5.1.1-4.oe2203.aarch64.rpm",
        "gawk-debugsource-5.1.1-4.oe2203.aarch64.rpm",
        "gawk-debuginfo-5.1.1-4.oe2203.aarch64.rpm",
        "gawk-lang-5.1.1-4.oe2203.aarch64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp2.aarch64.rpm"
    ],
    "noarch": [
        "gawk-help-5.1.1-4.oe2203.noarch.rpm",
        "gawk-help-5.1.1-5.oe2203sp1.noarch.rpm",
        "gawk-help-5.1.1-5.oe2203sp2.noarch.rpm"
    ],
    "src": [
        "gawk-5.1.1-4.oe2203.src.rpm",
        "gawk-5.1.1-5.oe2203sp1.src.rpm",
        "gawk-5.1.1-5.oe2203sp2.src.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / gawk

Package

Name
gawk
Purl
pkg:rpm/openEuler/gawk&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.1.1-5.oe2203sp1

Ecosystem specific

{
    "x86_64": [
        "gawk-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp1.x86_64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp1.x86_64.rpm"
    ],
    "aarch64": [
        "gawk-lang-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp1.aarch64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp1.aarch64.rpm"
    ],
    "noarch": [
        "gawk-help-5.1.1-5.oe2203sp1.noarch.rpm"
    ],
    "src": [
        "gawk-5.1.1-5.oe2203sp1.src.rpm"
    ]
}

openEuler:22.03-LTS-SP2 / gawk

Package

Name
gawk
Purl
pkg:rpm/openEuler/gawk&distro=openEuler-22.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.1.1-5.oe2203sp2

Ecosystem specific

{
    "x86_64": [
        "gawk-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-debugsource-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp2.x86_64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp2.x86_64.rpm"
    ],
    "aarch64": [
        "gawk-debugsource-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-lang-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-devel-5.1.1-5.oe2203sp2.aarch64.rpm",
        "gawk-debuginfo-5.1.1-5.oe2203sp2.aarch64.rpm"
    ],
    "noarch": [
        "gawk-help-5.1.1-5.oe2203sp2.noarch.rpm"
    ],
    "src": [
        "gawk-5.1.1-5.oe2203sp2.src.rpm"
    ]
}