vim-8.2.2637-16.el9.2

エラータID: AXSA:2022-3986:05

Release date:

Wednesday, November 2, 2022 - 08:09

Subject:

Affected Channels:

MIRACLE LINUX 9 for x86_64

Severity:

Moderate

Description:

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: Use of Out-of-range Pointer Offset in vim (CVE-2022-0554)
* vim: Heap-based Buffer Overflow occurs in vim (CVE-2022-0943)
* vim: Out-of-range Pointer Offset (CVE-2022-1420)
* vim: heap buffer overflow (CVE-2022-1621)
* vim: buffer over-read (CVE-2022-1629)
* vim: use after free in utf_ptr2char (CVE-2022-1154)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
CVE-2022-0943
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
CVE-2022-1154
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVE-2022-1629
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution

Solution:

Update packages.

CVEs:

CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.

CVE-2022-0943
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

CVE-2022-1154
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.

CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

CVE-2022-1629
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution

Additional Info:

N/A

Download:

SRPMS

vim-8.2.2637-16.el9.2.src.rpm
MD5: 87b16ed31fc4f0a0e0be64b7bd32f031
SHA-256: cd0de9b3498249dd164077273458b0ec5d22c3a5d1d942a5686c8cbd4d8cc16c
Size: 12.21 MB

Asianux Server 9 for x86_64

vim-common-8.2.2637-16.el9.2.x86_64.rpm
MD5: bda1eef4956f98362ca8ba8d888e5295
SHA-256: ca2260d959ec7bd3ce7f1ec7866ffdfaf9671a8202e508effcd18ffde440ae2b
Size: 6.59 MB
vim-enhanced-8.2.2637-16.el9.2.x86_64.rpm
MD5: 6b28c1e3d9e12123515d93bdd3f9596c
SHA-256: 3d54c514cd84cf18bd20ab8605a1dd8096a919487f70fca55406889eaf31637d
Size: 1.76 MB
vim-filesystem-8.2.2637-16.el9.2.noarch.rpm
MD5: d0ecec2013030101ea90a6de93cb26a9
SHA-256: 984b864b503f6a7aeea3da1d312a8e80badf1f0775b9da574d2cf7f9cafc9311
Size: 20.08 kB
vim-minimal-8.2.2637-16.el9.2.x86_64.rpm
MD5: d8d360fda49b5de5fc50e1f4086987d6
SHA-256: f5a0f2f64817bdd9eccd2b1e794f93ec8e5e12b4144e79240dddf6f1508213cd
Size: 680.19 kB
vim-X11-8.2.2637-16.el9.2.x86_64.rpm
MD5: 371014eeefecf9a61ab627319393a2c4
SHA-256: 4e02633167ef0159f5a91df07c23ab16d3ff1cc24ea6abd8c3a8113348270912
Size: 1.92 MB

日本語

Main menu

You are here

vim-8.2.2637-16.el9.2