Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Mageia 8 Security Update: 2022-0430 Addresses Moderate Vim Buffer Overflow

mageia
Calendar Grey November 18, 2022
Dist Mageia Esm H88
Mageia's 2022-0430 security enhancement tackles several security flaws in vim versions earlier than 8.2 on Mageia 8.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2

Summary

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2000, CVE-2022-2129, CVE-2022-2210)
Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-2042)
Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288)
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)
Use After Fr...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=30561

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JJNUS4AEVYSEJMCK6JZB57QHD5V2G4O/

- https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html

- https://ubuntu.com/security/notices/USN-5492-1

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RY3GEN2Q46ZJKSNHTN2XB6B3VAJBEILN/

- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012199.html

-

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK/

- https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html

- https://www.cve.org/CVERecord?id=CVE-2022-2000

- https://www.cve.org/CVERecord?id=CVE-2022-2042

- https://www.cve.org/CVERecord?id=CVE-2022-2124

- https://www.cve.org/CVERecord?id=CVE-2022-2125

- https://www.cve.org/CVERecord?id=CVE-2022-2125

- https://www.cve.org/CVERecord?id=CVE-2022-2129

- https://www.cve.org/CVERecord?id=CVE-2022-2175

- https://www.cve.org/CVERecord?id=CVE-2022-2182

- https://www.cve.org/CVERecord?id=CVE-2022-2183

- https://www.cve.org/CVERecord?id=CVE-2022-2206

- https://www.cve.org/CVERecord?id=CVE-2022-2207

- https://www.cve.org/CVERecord?id=CVE-2022-2208

- https://www.cve.org/CVERecord?id=CVE-2022-2210

- https://www.cve.org/CVERecord?id=CVE-2022-2231

- https://www.cve.org/CVERecord?id=CVE-2022-2257

- https://www.cve.org/CVERecord?id=CVE-2022-2264

- https://www.cve.org/CVERecord?id=CVE-2022-2284

- https://www.cve.org/CVERecord?id=CVE-2022-2285

- https://www.cve.org/CVERecord?id=CVE-2022-2286

- https://www.cve.org/CVERecord?id=CVE-2022-2287

- https://www.cve.org/CVERecord?id=CVE-2022-2288

- https://www.cve.org/CVERecord?id=CVE-2022-2289

- https://www.cve.org/CVERecord?id=CVE-2022-2304

- https://www.cve.org/CVERecord?id=CVE-2022-2343

- https://www.cve.org/CVERecord?id=CVE-2022-2344

- https://www.cve.org/CVERecord?id=CVE-2022-2345

- https://www.cve.org/CVERecord?id=CVE-2022-2522

- https://www.cve.org/CVERecord?id=CVE-2022-2571

- https://www.cve.org/CVERecord?id=CVE-2022-2580

- https://www.cve.org/CVERecord?id=CVE-2022-2581

- https://www.cve.org/CVERecord?id=CVE-2022-2598

- https://www.cve.org/CVERecord?id=CVE-2022-2816

- https://www.cve.org/CVERecord?id=CVE-2022-2817

- https://www.cve.org/CVERecord?id=CVE-2022-2819

- https://www.cve.org/CVERecord?id=CVE-2022-2845

- https://www.cve.org/CVERecord?id=CVE-2022-2849

- https://www.cve.org/CVERecord?id=CVE-2022-2862

- https://www.cve.org/CVERecord?id=CVE-2022-2874

- https://www.cve.org/CVERecord?id=CVE-2022-2889

- https://www.cve.org/CVERecord?id=CVE-2022-2923

- https://www.cve.org/CVERecord?id=CVE-2022-2946

- https://www.cve.org/CVERecord?id=CVE-2022-2980

- https://www.cve.org/CVERecord?id=CVE-2022-2982

- https://www.cve.org/CVERecord?id=CVE-2022-3016

- https://www.cve.org/CVERecord?id=CVE-2022-3037

- https://www.cve.org/CVERecord?id=CVE-2022-3099

- https://www.cve.org/CVERecord?id=CVE-2022-3134

- https://www.cve.org/CVERecord?id=CVE-2022-3234

- https://www.cve.org/CVERecord?id=CVE-2022-3235

- https://www.cve.org/CVERecord?id=CVE-2022-3256

- https://www.cve.org/CVERecord?id=CVE-2022-3278

- https://www.cve.org/CVERecord?id=CVE-2022-3296

- https://www.cve.org/CVERecord?id=CVE-2022-3297

- https://www.cve.org/CVERecord?id=CVE-2022-3324

- https://www.cve.org/CVERecord?id=CVE-2022-3352

- https://www.cve.org/CVERecord?id=CVE-2022-3705

Topics%20covered

Topics Covered

security advisory update buffer overflow heap overflow memory safety vim mageia

Resolution

SRPMS

- 8/core/vim-9.0.828-1.mga8

Publication date: 18 Nov 2022
URL: https://advisories.mageia.org/MGASA-2022-0430.html
Type: security
CVE: CVE-2022-2000, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2125, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2571, CVE-2022-2580, CVE-2022-2581, CVE-2022-2598, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3234, CVE-2022-3235, CVE-2022-3256, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705

Topics%20covered

Topics Covered

security advisory update buffer overflow heap overflow memory safety vim mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here