PT-2026-57814 · Gawk · Gawk
Marcin Wyczechowski
+1
·
Published
2026-07-13
·
Updated
2026-07-13
·
CVE-2026-40469
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
gawk versions 5.4.0 and earlier (32-bit builds)
Description
An integer overflow exists in the
do sub() routine within the builtin.c file. This flaw allows for the overwriting of heap metadata and objects, which can lead to a program crash. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gawk