| Summary: | <app-editors/vim-8.2.5066: multiple vulnerabilities | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | vim |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425 | | |
| Whiteboard: | B3 [glsa+] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 851231 | | |
| Bug Blocks: | | | |

Description
John Helmert III
2022-03-30 15:01:51 UTC
CVE-2022-1160 (https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c):
heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.

CVE-2022-1381 (https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4):
https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

CVE-2022-1420 (https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca):
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CVE-2022-1621 (https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb):
https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

CVE-2022-1629 (https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd):
https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution

CVE-2022-1620 (https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51):
https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.

CVE-2022-1619 (https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450):
https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

CVE-2022-1616 (https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c):
https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

More "code execution" exploitable via controlling executed vimscript. Need patch to 8.2.4925.

CVE-2022-1674 (https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385):
https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.

CVE-2022-1735 (https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97):
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.

CVE-2022-1733 (https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813):
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

CVE-2022-1769 (https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4):
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.

CVE-2022-1785 (https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109):
https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

Fix in 8.2.4977.

CVE-2022-1771 (https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb):
https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4975.

Note that this isn't actually a stack-based buffer overflow. It's an infinite recursion, resulting in a stack overflow.

CVE-2022-1796 (https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5):
https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e
Use After Free in GitHub repository vim/vim prior to 8.2.

"8.2" here means 8.2.4979.

CVE-2022-1897 (https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118):
https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

CVE-2022-1898 (https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a):
https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea
Use After Free in GitHub repository vim/vim prior to 8.2.

CVE-2022-1886 (https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a):
https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

CVE-2022-1851 (https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad):
https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

Needs bump to 8.2.5024

CVE-2022-1927 (https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777/):
https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010
Buffer Over-read in GitHub repository vim/vim prior to 8.2.

Fixed in 8.2.5037

CVE-2022-1942 (https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071):
https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Fix is in 8.2.5043.

CVE-2022-1968 (https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b):
https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895
Use After Free in GitHub repository vim/vim prior to 8.2.

The actual fixed version is 8.2.5050.

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f9f7862adbb0b00e48cf05385ac665594820c04a

commit f9f7862adbb0b00e48cf05385ac665594820c04a
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-06-08 07:08:48 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-06-08 07:09:34 +0000

    app-editors/gvim: add 8.2.5066

    Bug: https://bugs.gentoo.org/850550
    Bug: https://bugs.gentoo.org/836432
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/gvim/Manifest | 1 +
 app-editors/gvim/gvim-8.2.5066.ebuild | 385 ++++++++++++++++++++++++++++++++++
 app-editors/gvim/gvim-9999.ebuild | 12 +-
 3 files changed, 393 insertions(+), 5 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1335748afd56862daf5eac977f4f824e5f4e7dc4

commit 1335748afd56862daf5eac977f4f824e5f4e7dc4
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-06-08 07:05:32 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-06-08 07:09:34 +0000

    app-editors/vim: add 8.2.5066

    Bug: https://bugs.gentoo.org/850550
    Bug: https://bugs.gentoo.org/836432
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim/Manifest | 1 +
 app-editors/vim/vim-8.2.5066.ebuild | 360 ++++++++++++++++++++++++++++++++++++
 app-editors/vim/vim-9999.ebuild | 16 +-
 3 files changed, 374 insertions(+), 3 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=971a0d7b75f23d236f1ded8bd1f7d90a4c2eacde

commit 971a0d7b75f23d236f1ded8bd1f7d90a4c2eacde
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-06-08 07:04:54 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-06-08 07:09:33 +0000

    app-editors/vim-core: add 8.2.5066

    Bug: https://bugs.gentoo.org/850550
    Bug: https://bugs.gentoo.org/836432
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim-core/Manifest | 1 +
 app-editors/vim-core/vim-core-8.2.5066.ebuild | 233 ++++++++++++++++++++++++++
 app-editors/vim-core/vim-core-9999.ebuild | 6 +-
 3 files changed, 238 insertions(+), 2 deletions(-)

CVE-2022-2000 (https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0):
https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

The fix is actually in 8.2.5063.

GLSA request filed

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=2cee523fe648754bae0e4ed2a531da672ac5fa15

commit 2cee523fe648754bae0e4ed2a531da672ac5fa15
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-21 01:33:31 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2022-08-21 01:40:46 +0000

    [ GLSA 202208-32 ] Vim, gVim: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/811870
    Bug: https://bugs.gentoo.org/818562
    Bug: https://bugs.gentoo.org/819528
    Bug: https://bugs.gentoo.org/823473
    Bug: https://bugs.gentoo.org/824930
    Bug: https://bugs.gentoo.org/828583
    Bug: https://bugs.gentoo.org/829658
    Bug: https://bugs.gentoo.org/830106
    Bug: https://bugs.gentoo.org/830994
    Bug: https://bugs.gentoo.org/833572
    Bug: https://bugs.gentoo.org/836432
    Bug: https://bugs.gentoo.org/851231
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202208-32.xml | 168 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 168 insertions(+)

GLSA released, all done!

Can anyone please help me out in removing Buffer over-read vulnerability in Vim prior to 8.2 (CVE-2022-1927). I am using vim 8.2 but still issue is there plus if there is any patch to deploy please share and also the process how to deploy or add that specific patch.

(In reply to Haseeb from comment #19)
> Can anyone please help me out in removing Buffer over-read vulnerability in
> Vim prior to 8.2 (CVE-2022-1927). I am using vim 8.2 but still issue is there
> plus if there is any patch to deploy please share and also the process how
> to deploy or add that specific patch.

It's fixed in Gentoo. This bug fixed after the release of GLSA 202208-32. The GLSA provides remediation instructions.
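
The exchange above turns on the patch level: several CVE texts say "prior to 8.2" while the fix sits in a numbered 8.2 patch. As an added example (not part of this bug report or of Gentoo's tooling), the following reads the "Included patches:" line of `vim --version` and lists which CVEs from this bug are still unfixed; the function names are hypothetical, the sample outputs are constructed, and the patch numbers are the ones stated in the comments above.

```python
import re

# Vim 8.2 patch number that fixes each CVE, exactly as stated in this bug.
# CVE-2022-1897, -1898, -1886 and -1851 are omitted: the bug gives no
# per-CVE patch number for them.
FIXED_IN_PATCH = {
    "CVE-2022-1160": 4647, "CVE-2022-1381": 4763, "CVE-2022-1420": 4774,
    "CVE-2022-1616": 4895, "CVE-2022-1619": 4899, "CVE-2022-1620": 4901,
    "CVE-2022-1621": 4919, "CVE-2022-1629": 4925, "CVE-2022-1674": 4938,
    "CVE-2022-1733": 4968, "CVE-2022-1735": 4969, "CVE-2022-1769": 4974,
    "CVE-2022-1771": 4975, "CVE-2022-1785": 4977, "CVE-2022-1796": 4979,
    "CVE-2022-1927": 5037, "CVE-2022-1942": 5043, "CVE-2022-1968": 5050,
    "CVE-2022-2000": 5063,
}

def parse_vim_version(text):
    """Return ((major, minor), set of included patch numbers)."""
    banner = re.search(r"VIM - Vi IMproved (\d+)\.(\d+)", text)
    if not banner:
        raise ValueError("input is not `vim --version` output")
    patches = set()
    listed = re.search(r"^Included patches: (.+)$", text, re.MULTILINE)
    if listed:  # e.g. "1-5066" or, with backports, "1-3995, 4563, 4646"
        for item in listed.group(1).split(","):
            lo, _, hi = item.strip().partition("-")
            patches.update(range(int(lo), int(hi or lo) + 1))
    return (int(banner.group(1)), int(banner.group(2))), patches

def unfixed_cves(text):
    """CVEs from FIXED_IN_PATCH whose fixing patch is absent from this build."""
    version, patches = parse_vim_version(text)
    if version > (8, 2):   # later releases contain the whole 8.2 patch series
        return []
    if version < (8, 2):   # older than any fix listed here
        return sorted(FIXED_IN_PATCH)
    return sorted(c for c, n in FIXED_IN_PATCH.items() if n not in patches)

# Constructed sample outputs (not captured from a real system).
BANNER = "VIM - Vi IMproved 8.2 (2019 Dec 12, compiled Jun 08 2022 07:30:00)\n"
PLAIN_8_2 = BANNER                                 # "vim 8.2", no patch line
PATCHED = BANNER + "Included patches: 1-5066\n"    # version added for this bug
BACKPORTED = BANNER + "Included patches: 1-4900, 5037\n"

if __name__ == "__main__":
    for name in ("PLAIN_8_2", "PATCHED", "BACKPORTED"):
        print(name, unfixed_cves(globals()[name]))
```

A distribution may carry a fix without it showing up in this line, so an "unfixed" result is a prompt to check that distribution's advisory rather than a final verdict.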