Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian 10 DLA-3588-1 Critical: Vim Heap Overflow and Use After Free

debian lts
Calendar Grey September 29, 2023
Dist Debian Esm H88
Enhance your vim installation on Debian 10 to rectify severe security flaws, such as heap overflow and use-after-free vulnerabilities. Keep your system current!
Multiple vulnerabilities were found in vim a text editor

Summary

CVE-2023-4752

A heap use after free was found in ins_compl_get_exp()

CVE-2023-4781

A heap-buffer-overflow was found in vim_regsub_both()

For Debian 10 buster, these problems have been fixed in version
2:8.1.0875-5+deb10u6.

We recommend that you upgrade your vim packages.

For the detailed security status of vim please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/vim

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
critical
Lowest
Low
Medium
High
Critical

Package: vim
Version: 2:8.1.0875-5+deb10u6
CVE ID: CVE-2023-4752 CVE-2023-4781

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here