Bug 2039850 - vim: NULL pointer dereference vulnerability via the vim_regexec_multi function at regexp.c
Summary: vim: NULL pointer dereference vulnerability via the vim_regexec_multi functio...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2039851 2040370 2040382
Blocks: 2039688
TreeView+ depends on / blocked
 
Reported: 2022-01-12 14:39 UTC by Marian Rehak
Modified: 2023-07-13 08:06 UTC (History)
20 users (show)

Fixed In Version: vim 8.2.3883
Doc Type: If docs needed, set a value
Doc Text:
A null pointer dereference was found in the way vim handles regular expression compilations. A specially crafted file could, when sourced into vim, crash the executable.
Clone Of:
Environment:
Last Closed: 2022-01-19 07:48:16 UTC
Embargoed:

Attachments (Terms of Use)

Description Marian Rehak 2022-01-12 14:39:13 UTC 
A Pointer Dereference vulnerability exists in Vim 8.2.3883 via the vim_regexec_multi function at regexp.c, which causes a denial of service.

Reference:

https://huntr.dev/bounties/a9b015e2-59e3-4ed9-8812-d9021e40b8f2/
Comment 1 Marian Rehak 2022-01-12 14:39:38 UTC 
Created vim tracking bugs for this issue:

Affects: fedora-all [bug 2039851]
Comment 5 Cedric Buissart 2022-01-19 07:48:16 UTC 
This CVE has been rejected : https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-46059
Comment 7 Salvatore Bonaccorso 2023-07-05 06:26:34 UTC 
As th CVE has been rejected, can you please remove as well the bugzilla alias to the CVE, this will defintively confuse people checking for the CVE finding it though officially rejected but still finding here a reference accordingly. Would that be possible?
Note You need to log in before you can comment on or make changes to this bug.