Back to bug 2129838
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| TEJ RATHI | 2022-09-26 12:13:18 UTC | Depends On | 2129839 | |
| TEJ RATHI | 2022-09-26 12:20:38 UTC | Blocks | 2129840 | |
| TEJ RATHI | 2022-10-06 12:45:02 UTC | Doc Text | A heap use-after-free vulnerability was found in Vim's process_next_cpt_value() function of the src/insexpand.c file. This flaw occurs because of usage of freed memory when 'tagfunc' wipes out buffer that holds 'complete'. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. | |
| RaTasha Tillery-Smith | 2022-10-06 12:48:28 UTC | Doc Text | A heap use-after-free vulnerability was found in Vim's process_next_cpt_value() function of the src/insexpand.c file. This flaw occurs because of usage of freed memory when 'tagfunc' wipes out buffer that holds 'complete'. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. | A heap use-after-free vulnerability was found in Vim's process_next_cpt_value() function of the src/insexpand.c file. This flaw occurs due to the usage of freed memory when 'tagfunc' wipes out the buffer that holds 'complete.' This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free issue that causes an application to crash, possibly executing code and corrupting memory. |
| TEJ RATHI | 2022-10-06 14:10:22 UTC | Depends On | 2132748 | |
| Red Hat Bugzilla | 2023-07-07 08:33:43 UTC | Assignee | security-response-team | nobody |
Back to bug 2129838