2158269 – (CVE-2023-0049) CVE-2023-0049 vim: out-of-bounds read in function build_stl_str_hl

Bug 2158269 (CVE-2023-0049) - CVE-2023-0049 vim: out-of-bounds read in function build_stl_str_hl

Summary: CVE-2023-0049 vim: out-of-bounds read in function build_stl_str_hl

Keywords:
Status:	NEW
Alias:	CVE-2023-0049
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2158270 2159203 2159204 2159205
Blocks:	2158267
TreeView+	depends on / blocked

Reported:	2023-01-04 21:22 UTC by Chess Hazlett
Modified:	2025-01-23 15:48 UTC (History)
CC List:	36 users (show)
Fixed In Version:	vim 9.0.1143
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Chess Hazlett 2023-01-04 21:22:12 UTC

A flaw was found in vim, an out-of-bounds read in function build_stl_str_hl. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution.

Comment 1 Chess Hazlett 2023-01-04 21:22:31 UTC

Created vim tracking bugs for this issue:

Affects: fedora-all [bug 2158270]

Note You need to log in before you can comment on or make changes to this bug.

aprice
bdettelb
caswilli
dffrench
dfreiber
doconnor
drow
fjansen
gzaronik
hkataria
jburrell
jforrest
jkoehler
jmitchel
jsamir
jtanner
jwon
kaycoth
kholdawa
kshier
lcouzens
lphiri
micjohns
mpierce
mskarbek
ngough
orabin
rblanco
rgodfrey
rogbas
sthirugn
teagle
vkrizan
vkumar
vmugicag
zdohnal