2242926 – (CVE-2023-5441) CVE-2023-5441 vim: NULL pointer dereference in screen_line() in src/screen.c

Bug 2242926 (CVE-2023-5441) - CVE-2023-5441 vim: NULL pointer dereference in screen_line() in src/screen.c

Summary: CVE-2023-5441 vim: NULL pointer dereference in screen_line() in src/screen.c

Keywords:
Status:	NEW
Alias:	CVE-2023-5441
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2242927
Blocks:	2242840
TreeView+	depends on / blocked

Reported:	2023-10-09 18:27 UTC by Guilherme de Almeida Suckevicz
Modified:	2023-10-16 17:43 UTC (History)
CC List:	21 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A NULL pointer dereference vulnerability was found in Vim. This flaw allows an attacker who can trick a user into processing a specially crafted file to trigger the NULL pointer dereference, causing the application to crash.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2023-10-09 18:27:48 UTC

NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.

References:
https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2

Upstream patch:
https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960

Comment 1 Guilherme de Almeida Suckevicz 2023-10-09 18:34:59 UTC

Created vim tracking bugs for this issue:

Affects: fedora-all [bug 2242927]

Note You need to log in before you can comment on or make changes to this bug.

adudiak
agarcial
aoconnor
asegurap
bdettelb
caswilli
dhalasz
dkuc
fjansen
hkataria
jburrell
jsherril
kaycoth
kshier
luizcosta
nweather
stcannon
sthirugn
vkrizan
vmugicag
yguenane