Fedora 41: FEDORA-2024-48e080c52f Critical: Vim Buffer Overflow
fedora
September 13, 2024
Security fix for CVE-2024-45306 patchlevel 703 Security fixes for CVE-2024-43374, CVE-2024-43802
Summary
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.
Update Information:
Security fix for CVE-2024-45306 patchlevel 703 Security fixes for CVE-2024-43374, CVE-2024-43802
Topics Covered
Change Log
* Fri Sep 6 2024 Zdenek Dohnal
References
[ 1 ] Bug #2305311 - CVE-2024-43374 vim: use-after-free in alist_add() in src/arglist.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2305311
[ 2 ] Bug #2308491 - CVE-2024-43802 vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2308491
[ 3 ] Bug #2309344 - CVE-2024-45306 vim: heap-buffer-overflow in Vim [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2309344
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-48e080c52f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: vim
Product: Fedora 41
Version: 9.1.719
Release: 1.fc41
URL: http://www.vim.org/
Summary: The VIM editor
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!