Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 609150 (CVE-2017-5953) - <app-editors/{vim,gvim}-8.0.0386: Tree length values not validated properly when handling a spell file (CVE-2017-5953)
Summary: <app-editors/{vim,gvim}-8.0.0386: Tree length values not validated properly w...
Status: RESOLVED FIXED
Alias: CVE-2017-5953
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-12 17:34 UTC by ncl
Modified: 2017-06-22 19:20 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description ncl 2017-02-12 17:34:23 UTC
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

https://groups.google.com/forum/#!topic/vim_dev/t-3RSdEnrHY
https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d
Comment 1 Yury German Gentoo Infrastructure gentoo-dev Security 2017-02-16 01:31:49 UTC
Thank you for the report
Comment 2 Thomas Deutschmann gentoo-dev Security 2017-06-03 14:28:01 UTC
Added to an existing GLSA request.

Cleanup will happen in bug 611386.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-06-22 19:20:17 UTC
This issue was resolved and addressed in
 GLSA 201706-26 at https://security.gentoo.org/glsa/201706-26
by GLSA coordinator Kristian Fiskerstrand (K_F).