Back to bug 2101293
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2022-06-27 05:18:59 UTC | Blocks | 2101294 | |
| TEJ RATHI | 2022-06-27 06:53:01 UTC | Severity | high | low |
| Priority | high | low | ||
| TEJ RATHI | 2022-06-28 12:48:39 UTC | Depends On | 2101815 | |
| TEJ RATHI | 2022-06-28 12:50:21 UTC | Depends On | 2101817, 2101816 | |
| TEJ RATHI | 2022-06-28 12:52:40 UTC | Summary | CVE-2022-2175 vim: Buffer Over-read through cmdline_insert_reg() | CVE-2022-2175 vim: buffer over-read in put_on_cmdline() at ex_getln.c |
| TEJ RATHI | 2022-06-29 11:57:55 UTC | Doc Text | A heap buffer over-read vulnerability was found in Vim's put_on_cmdline() function of the src/ex_getln.c file. This flaw occurs because of invalid memory access when using an expression on the command line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflow that causes an application to crash and corrupt memory. | |
| Fixed In Version | vim 8.2.5148 | |||
| RaTasha Tillery-Smith | 2022-06-29 12:28:44 UTC | Doc Text | A heap buffer over-read vulnerability was found in Vim's put_on_cmdline() function of the src/ex_getln.c file. This flaw occurs because of invalid memory access when using an expression on the command line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflow that causes an application to crash and corrupt memory. | A heap buffer over-read vulnerability was found in Vim's put_on_cmdline() function of the src/ex_getln.c file. This issue occurs due to invalid memory access when using an expression on the command line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflow that causes an application to crash and corrupt memory. |
| Red Hat Bugzilla | 2023-07-07 08:29:09 UTC | Assignee | security-response-team | nobody |
Back to bug 2101293