What Are You Looking For?

Sign Up
MGASA-2022-0023 - Updated vim packages fix security vulnerability

Publication date: 18 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0023.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-0128,
     CVE-2022-0156,
     CVE-2022-0158,
     CVE-2022-0213

vim is vulnerable to Out-of-bounds Read (CVE-2022-0128)
vim is vulnerable to Use After Free (CVE-2022-0156)
vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158)
vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0213)

References:
- https://bugs.mageia.org/show_bug.cgi?id=29891
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0128
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0156
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0158
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213

SRPMS:
- 8/core/vim-8.2.4114-1.mga8

Mageia 2022-0023: vim security update

vim is vulnerable to Out-of-bounds Read (CVE-2022-0128) vim is vulnerable to Use After Free (CVE-2022-0156) vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158) vim is v...

Summary

vim is vulnerable to Out-of-bounds Read (CVE-2022-0128) vim is vulnerable to Use After Free (CVE-2022-0156) vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158) vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0213)

References

- https://bugs.mageia.org/show_bug.cgi?id=29891

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0128

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0156

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0158

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213

Resolution

MGASA-2022-0023 - Updated vim packages fix security vulnerability

SRPMS

- 8/core/vim-8.2.4114-1.mga8

Severity
Publication date: 18 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0023.html
Type: security
CVE: CVE-2022-0128, CVE-2022-0156, CVE-2022-0158, CVE-2022-0213

Related News

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

Severe Chromium DoS, Info Disclosure Vulns Fixed

Oct 25, 2023

Remotely Exploitable ClamAV DoS Bug Discovered & Fixed

Aug 31, 2023

Critical OpenSSH RCE Bugs Fixed

Aug 24, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo