Debian LTS DLA-3204-1 Critical: Vim Heap Buffer Overflow
debian lts
November 24, 2022
This update fixes multiple memory access violations in vim
Topics Covered
Summary
CVE-2022-0318
Heap-based Buffer Overflow
CVE-2022-0392
Heap-based Buffer Overflow
CVE-2022-0629
Stack-based Buffer Overflow
CVE-2022-0696
NULL Pointer Dereference
CVE-2022-1619
Heap-based Buffer Overflow in function cmdline_erase_chars. This
vulnerabilities are capable of crashing software, modify memory, and
possible remote execution
CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word. This vulnerability is
capable of crashing software, Bypass Protection Mechanism, Modify
Memory, and possible remote execution
CVE-2022-1785
Out-of-bounds Write
CVE-2022-1897
Out-of-bounds Write
CVE-2022-1942
Heap-based Buffer Overflow
CVE-2022-2000
Out-of-bounds Write
CVE-2022-2129
Out-of-bounds Write
CVE-2022-3235
Use After Free
CVE-2022-3256
Use After Free
CVE-2022-3352
Use After Free
For Debian 10 buster, these problems have been fixed in version
2:8.1.0875-5+deb10u4.
We recommend that you upgrade your vim packages.
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: vim
Version: 2:8.1.0875-5+deb10u4
CVE ID: CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!