Back to bug 2151558
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2022-12-07 13:56:25 UTC | Depends On | 2151559 | |
| Guilherme de Almeida Suckevicz | 2022-12-07 14:07:51 UTC | Blocks | 2151568 | |
| TEJ RATHI | 2022-12-26 05:49:22 UTC | Doc Text | A heap use-after-free issue was discovered in Vim's did_set_spelllang() function of spell.c file. This flaw occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. | |
| TEJ RATHI | 2022-12-26 05:49:45 UTC | Fixed In Version | vim 9.0.0882 | |
| TEJ RATHI | 2022-12-26 05:50:42 UTC | Depends On | 2156272, 2156271 | |
| Paige Jung | 2023-01-03 13:41:50 UTC | Doc Text | A heap use-after-free issue was discovered in Vim's did_set_spelllang() function of spell.c file. This flaw occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. | A heap use-after-free flaw was found in Vim's did_set_spelllang() function of the spell.c file. This issue occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This could allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free issue that causes an application to crash, possibly executing code and corrupting memory. |
| Red Hat Bugzilla | 2023-07-07 08:32:32 UTC | Assignee | security-response-team | nobody |
Back to bug 2151558