Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Mageia 8 MGASA-2023-0110 Moderate: Vim Buffer Overflow Risk

mageia
Calendar Grey March 24, 2023
Dist Mageia Esm H88
Recent updates for vim packages on Mageia tackle essential security vulnerabilities such as stack overflow and buffer limit flaws. Discover more!
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367

Summary

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127) Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170) Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. (CVE-2023-1175)

References

- https://bugs.mageia.org/show_bug.cgi?id=31637

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/

- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014068.html

- https://www.cve.org/CVERecord?id=CVE-2023-1127

- https://www.cve.org/CVERecord?id=CVE-2023-1170

- https://www.cve.org/CVERecord?id=CVE-2023-1175

Resolution

SRPMS

- 8/core/vim-9.0.1411-1.mga8

Publication date: 24 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0110.html
Type: security
CVE: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here