Skip to main content

GNU gawk CVE-2026-40553

MEDIUM
Stack-based Buffer Overflow (CWE-121)
2026-07-13 CERT-PL
5.1
CVSS 4.0 · Vendor: CERT-PL
Share

Severity by source

Vendor (CERT-PL) PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.1 MEDIUM

Local vector because gawk is a CLI tool; PR:N since any local user can run it; no confidentiality impact; low integrity and availability from crash and potential stack corruption.

3.1 AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (CERT-PL).

CVSS VectorVendor: CERT-PL

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 13, 2026 - 13:18 vuln.today
CVE Published
Jul 13, 2026 - 12:07 cve.org
MEDIUM 5.1

DescriptionCVE.org

Buffer overflow vulnerability has been found in "extension/readdir.c" program file of gawk (ftype() routine). This issue could be used to crash the program and potentially to achieve code execution, although the latter has not been confirmed to be feasible. It affects gawk in versions 5.4.0 and below.

AnalysisAI

Stack-based buffer overflow in gawk's readdir extension (extension/readdir.c, ftype() routine) affects all gawk releases through version 5.4.0, enabling a local attacker to crash the process and theoretically achieve code execution. The RCE angle is explicitly unconfirmed by the reporter (CERT-PL), making denial-of-service the primary demonstrated impact at this time. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local system access
Delivery
Invoke gawk with readdir extension enabled
Exploit
Supply crafted directory input targeting ftype()
Execution
Overflow stack-allocated buffer
Impact
Crash gawk process or attempt control-flow hijack

Vulnerability AssessmentAI

Exploitation Exploitation requires local access to a system running gawk 5.4.0 or below with the readdir extension compiled and in active use. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.1 with AV:L reflects a strictly local attack surface, which substantially limits real-world exposure compared to network-reachable vulnerabilities. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user supplies crafted directory input or invokes a gawk script that exercises the readdir extension's ftype() routine, triggering a write past the stack buffer boundary. In the most reliably demonstrated outcome, this crashes the gawk process and disrupts any pipeline depending on it. …
Remediation Monitor your Linux distribution's package feed for an updated gawk package that incorporates the upstream fix commit (https://cgit.git.savannah.gnu.org/cgit/gawk.git/commit/?id=cca0366144336b49aaa7d5d949966ce8e2c70843) and apply it as soon as available. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-40553 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy