2165798 – (CVE-2023-0512) CVE-2023-0512 vim: divide by zero in adjust_skipcol() at move.ca

Bug 2165798 (CVE-2023-0512) - CVE-2023-0512 vim: divide by zero in adjust_skipcol() at move.ca

Summary: CVE-2023-0512 vim: divide by zero in adjust_skipcol() at move.ca

Keywords:
Status:	NEW
Alias:	CVE-2023-0512
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2167628 2167629 2179801
Blocks:	2165716
TreeView+	depends on / blocked

Reported:	2023-01-31 05:39 UTC by TEJ RATHI
Modified:	2024-03-18 13:15 UTC (History)
CC List:	26 users (show)
Fixed In Version:	vim 9.0.1247
Doc Type:	If docs needed, set a value
Doc Text:	A divide-by-zero flaw was found in Vim's adjust_skipcol() function in the move.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a floating point exception error and causing an application to crash, eventually leading to a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description TEJ RATHI 2023-01-31 05:39:10 UTC

Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.

https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835
https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74

Comment 4 Dhananjay Arunesh 2023-03-20 06:46:11 UTC

Created vim tracking bugs for this issue:

Affects: fedora-all [bug 2179801]

Note You need to log in before you can comment on or make changes to this bug.

adudiak
bdettelb
caswilli
darunesh
dffrench
dhalasz
dkuc
fjansen
gzaronik
hkataria
jburrell
jkoehler
jmitchel
jtanner
jwon
kaycoth
kshier
ngough
rgodfrey
stcannon
sthirugn
tfister
vkrizan
vmugicag
yguenane
zdohnal