Bug 2307454 (CVE-2024-43790)
| Summary: | CVE-2024-43790 vim: Out of bounds read when performing a search command | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | adudiak, kshier, omaciel, stcannon, yguenane |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A vulnerability was found in the VIM package. When performing a search and displaying the search count message is disabled, the search pattern is shown at the bottom of the screen, and this text is stored in an internal buffer. The search pattern is reversed when using the right-left search mode, and a new internal buffer will be created. If the original search pattern contains NULL characters, the newly allocated buffer will be smaller than the required size, leading to a head-based out-of-bounds read. This flaw allows an attacker to trick the user into running the malicious search pattern and execute all the steps required to cause the out-of-bounds read.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2310919 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2024-08-22 22:20:31 UTC
|