Happy Friday fellow Linux geeks! This week, vim announced multiple memory access violations that threaten the security and integrity of your systems. We encourage vim users to update immediately. A dangerous flaw in Exim that could lead to denial of service (DoS) or the execution of arbitrary code has also been fixed this week.
Read on to learn about how you can update your systems to obtain these fixes for your distribution.
Have you customized your LinuxSecurity advisories based on the distro(s) you use? If not, we encourage you to do so now!
Yours in Open Source,
heimdalThe DiscoveryMultiple security vulnerabilities were discovered in heimdal, an implementation of the Kerberos 5 authentication protocol (CVE-2019-14870, CVE-2021-3671, CVE-2021-44758 and CVE-2022-3437). |
vimThe DiscoveryMultiple memory access violations have been found in vim (CVE-2022-0318, CVE-2022-0392, CVE-2022-0629 and CVE-2022-0696).
The ImpactThese vulnerabilities are capable of crashing software, bypassing protection mechanisms, modifying memory, and possible remote execution, among other threats. The FixA vim security update that mitigates these flaws is now available. We recommend that you upgrade your vim packages as soon as possible to protect against attacks and compromise. Your Related Advisories:Register to Customize Your Advisories |
EximThe DiscoveryIt was discovered that Exim incorrectly handled certain regular expressions (CVE-2022-3559). The ImpactAn attacker could use this issue to cause Exim to crash, resulting in a denial of service (DoS), or possibly execute arbitrary code. |
