Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Vim.
Software Description:
- vim: Vi IMproved - enhanced vi editor
Details:
It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and
expose sensitive information. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-4166)
It was discovered that Vim was using freed memory when dealing with regular
expressions inside a visual selection. If a user were tricked into opening a
specially crafted file, an attacker could crash the application, leading to a
denial of service, or possibly achieve code execution with user privileges.
This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu
20.04 LTS. (CVE-2021-4192)
It was discovered that Vim was incorrectly handling virtual column position
operations, which could result in an out-of-bounds read. An attacker could
possibly use this issue to expose sensitive information. T...
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: vim 2:8.2.3995-1ubuntu2.7 Ubuntu 20.04 LTS: vim 2:8.1.2269-1ubuntu5.14 Ubuntu 18.04 LTS: vim 2:8.0.1453-1ubuntu1.13 Ubuntu 14.04 ESM: vim 2:7.4.052-1ubuntu3.1+esm9 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6026-1
CVE-2021-4166, CVE-2021-4192, CVE-2021-4193, CVE-2022-0213,
CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351,
CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0408,
CVE-2022-0443, CVE-2022-0554, CVE-2022-0572, CVE-2022-0629,
CVE-2022-0685, CVE-2022-0714, CVE-2022-0729, CVE-2022-2207
Get the latest Linux and open source security news straight to your inbox.