Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 38: 2023-6c84e57fab Critical: Vim NULL Pointer Dereference

fedora
Calendar Grey October 23, 2023
Dist Fedora Esm H88
Important update for vim that resolves vulnerabilities related to NULL pointer dereference and use-after-free issues. Ensure you update immediately.
Security fix for CVE-2023-5535, CVE-2023-5441

Summary

VIM (VIsual editor iMproved) is an updated and improved version of the

vi editor. Vi was the first real screen-based editor for UNIX, and is

still very popular. VIM improves on vi by adding new features:

multiple windows, multi-level undo, block highlighting and more.

Update Information:

Security fix for CVE-2023-5535, CVE-2023-5441

Change Log

* Wed Oct 18 2023 Zdenek Dohnal - 2:9.0.2048-1 - patchlevel 2048

References


[ 1 ] Bug #2242926 - CVE-2023-5441 vim: NULL pointer dereference in screen_line() in src/screen.c https://bugzilla.redhat.com/show_bug.cgi?id=2242926 [ 2 ] Bug #2244101 - CVE-2023-5535 vim: use after free https://bugzilla.redhat.com/show_bug.cgi?id=2244101

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6c84e57fab' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: vim
Product: Fedora 38
Version: 9.0.2048
Release: 1.fc38
Summary: The VIM editor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here