Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 829658 (CVE-2021-4136, CVE-2021-4166, CVE-2021-4187, CVE-2021-4192, CVE-2021-4193, CVE-2022-0128) - <app-editors/{vim,gvim,vim-core}-8.2.3950: multiple vulnerabilities
Summary: <app-editors/{vim,gvim,vim-core}-8.2.3950: multiple vulnerabilities
Status: IN_PROGRESS
Alias: CVE-2021-4136, CVE-2021-4166, CVE-2021-4187, CVE-2021-4192, CVE-2021-4193, CVE-2022-0128
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/vim/vim/commit/605...
Whiteboard: B3 [glsa? cleanup]
Keywords:
Depends on: 834460
Blocks:
  Show dependency tree
 
Reported: 2021-12-19 22:01 UTC by John Helmert III
Modified: 2022-05-19 18:20 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-12-19 22:01:15 UTC
CVE-2021-4136 (https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938):

vim is vulnerable to Heap-based Buffer Overflow

Needs bump to 8.2.3856.
Comment 1 John Helmert III gentoo-dev Security 2021-12-26 17:59:00 UTC
CVE-2021-4166 (https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682):

vim is vulnerable to Out-of-bounds Read

Needs bump to 8.2.3884.
Comment 2 John Helmert III gentoo-dev Security 2021-12-30 15:31:17 UTC
CVE-2021-4187 (https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441):

vim is vulnerable to Use After Free
Comment 3 John Helmert III gentoo-dev Security 2022-01-01 07:52:17 UTC
CVE-2021-4192 (https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952):

vim is vulnerable to Use After Free

CVE-2021-4193 (https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b):

vim is vulnerable to Out-of-bounds Read

Patches in >8.2.3950.
Comment 4 John Helmert III gentoo-dev Security 2022-01-07 04:59:21 UTC
CVE-2022-0128 (https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a):

vim is vulnerable to Out-of-bounds Read

Fix in >8.2.4009
Comment 5 Larry the Git Cow gentoo-dev 2022-01-09 01:14:58 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41d32bc6b2bd13a6d30e056da207be67d9340038

commit 41d32bc6b2bd13a6d30e056da207be67d9340038
Author:     Nobel Barakat <nobelbarakat@google.com>
AuthorDate: 2022-01-07 18:23:50 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-01-09 01:14:21 +0000

    app-editors/gvim: version bump to v8.2.3950.
    
    This is needed to resolve CVE-2021-4136, CVE-2021-4166, CVE-2021-4187,
    CVE-2021-4192, and CVE-2021-4193.
    
    Bug: https://bugs.gentoo.org/829658
    Signed-off-by: Nobel Barakat <nobelbarakat@google.com>
    Closes: https://github.com/gentoo/gentoo/pull/23688
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/gvim/Manifest             |   1 +
 app-editors/gvim/gvim-8.2.3950.ebuild | 383 ++++++++++++++++++++++++++++++++++
 2 files changed, 384 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76695ad80c518a342f804e0d84c034bf2092f466

commit 76695ad80c518a342f804e0d84c034bf2092f466
Author:     Nobel Barakat <nobelbarakat@google.com>
AuthorDate: 2022-01-07 00:37:27 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-01-09 01:14:20 +0000

    app-editors/vim-core: version bump to v8.2.3950.
    
    This is needed to resolve CVE-2021-4136, CVE-2021-4166, CVE-2021-4187,
    CVE-2021-4192, and CVE-2021-4193.
    
    Bug: https://bugs.gentoo.org/829658
    Signed-off-by: Nobel Barakat <nobelbarakat@google.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim-core/Manifest                 |   1 +
 app-editors/vim-core/vim-core-8.2.3950.ebuild | 233 ++++++++++++++++++++++++++
 2 files changed, 234 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3eeb1c9c5b600e97177eb03639b76ce5c2262c1c

commit 3eeb1c9c5b600e97177eb03639b76ce5c2262c1c
Author:     Nobel Barakat <nobelbarakat@google.com>
AuthorDate: 2022-01-07 00:34:19 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-01-09 01:14:19 +0000

    app-editors/vim: version bump to v8.2.3950.
    
    This is needed to resolve CVE-2021-4136, CVE-2021-4166, CVE-2021-4187,
    CVE-2021-4192, and CVE-2021-4193.
    
    Bug: https://bugs.gentoo.org/829658
    Signed-off-by: Nobel Barakat <nobelbarakat@google.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim/Manifest            |   1 +
 app-editors/vim/vim-8.2.3950.ebuild | 355 ++++++++++++++++++++++++++++++++++++
 2 files changed, 356 insertions(+)
Comment 6 filip ambroz 2022-01-10 18:31:43 UTC
[CVE-2021-46059]
A Pointer Dereference vulnerability exists in Vim 8.2.3883 via the vim_regexec_multi function at regexp.c, which causes a denial of service.

URLs:
https://nvd.nist.gov/vuln/detail/CVE-2021-46059
https://huntr.dev/bounties/a9b015e2-59e3-4ed9-8812-d9021e40b8f2/

Fixed in: 8.2.3883

[CVE-2022-0156]
vim is vulnerable to Use After Free

URLs:
https://nvd.nist.gov/vuln/detail/CVE-2022-0156
https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36/
https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f

Fixed in: 8.2.4053

[CVE-2022-0158]
vim is vulnerable to Heap-based Buffer Overflow

URLs:
https://nvd.nist.gov/vuln/detail/CVE-2022-0158
https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b/
https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39

Fixed in: 8.2.4053

(I am not sure if this is proper way of handling this, please correct it, if I screwed up. Thank you very much.)
Comment 7 John Helmert III gentoo-dev Security 2022-01-11 08:09:15 UTC
Let's let stabilization happen for this bug.