Bug 2043779 (CVE-2022-0213) - CVE-2022-0213 vim: vim is vulnerable to out of bounds read
Summary: CVE-2022-0213 vim: vim is vulnerable to out of bounds read
Keywords:
Status: NEW
Alias: CVE-2022-0213
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2044142 2044143 2044637
Blocks: 2043776
TreeView+ depends on / blocked
 
Reported: 2022-01-22 00:25 UTC by Todd Cullum
Modified: 2022-02-22 06:37 UTC (History)
16 users (show)

Fixed In Version: vim 8.2.4074
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in vim. The vulnerability occurs due to not checking the length for the NameBuff function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution.
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Comment 2 Sandipan Roy 2022-01-24 05:56:34 UTC
Created vim tracking bugs for this issue:

Affects: fedora-all [bug 2044142]

Comment 4 juneau 2022-01-24 21:13:13 UTC
Marked services affected/delegated. Affected code is present, however impact is low and actual occurrence of flaw is unlikely at best.


Note You need to log in before you can comment on or make changes to this bug.