Lucene search
AlmaLinuxALSA-2022:5942HistoryAug 09, 2022 - 12:00 a.m.
Moderate: vim security update
2022-08-0900:00:00
errata.almalinux.org
21
vim
security update
out-of-bounds write
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
48.3%
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
- vim: Out-of-bounds Write (CVE-2022-1785)
- vim: out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897)
- vim: buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | x86_64 | vim-common | < 8.2.2637-16.el9_0.3 | vim-common-8.2.2637-16.el9_0.3.x86_64.rpm |
| almalinux | 9 | x86_64 | vim-enhanced | < 8.2.2637-16.el9_0.3 | vim-enhanced-8.2.2637-16.el9_0.3.x86_64.rpm |
| almalinux | 9 | x86_64 | vim-minimal | < 8.2.2637-16.el9_0.3 | vim-minimal-8.2.2637-16.el9_0.3.x86_64.rpm |
| almalinux | 9 | noarch | vim-filesystem | < 8.2.2637-16.el9_0.3 | vim-filesystem-8.2.2637-16.el9_0.3.noarch.rpm |
| almalinux | 9 | x86_64 | vim-x11 | < 8.2.2637-16.el9_0.3 | vim-X11-8.2.2637-16.el9_0.3.x86_64.rpm |
| almalinux | 9 | ppc64le | vim-common | < 8.2.2637-16.el9_0.3 | vim-common-8.2.2637-16.el9_0.3.ppc64le.rpm |
| almalinux | 9 | ppc64le | vim-minimal | < 8.2.2637-16.el9_0.3 | vim-minimal-8.2.2637-16.el9_0.3.ppc64le.rpm |
| almalinux | 9 | ppc64le | vim-enhanced | < 8.2.2637-16.el9_0.3 | vim-enhanced-8.2.2637-16.el9_0.3.ppc64le.rpm |
| almalinux | 9 | ppc64le | vim-x11 | < 8.2.2637-16.el9_0.3 | vim-X11-8.2.2637-16.el9_0.3.ppc64le.rpm |
| almalinux | 9 | aarch64 | vim-enhanced | < 8.2.2637-16.el9_0.3 | vim-enhanced-8.2.2637-16.el9_0.3.aarch64.rpm |
References
Related
rocky
rocky
vim security update
2022-08-09 09:32:59
vim security update
2022-08-02 06:59:03
nessus
nessus
Rocky Linux 8 : vim (RLSA-2022:5813)
2022-08-16 00:00:00
RHEL 8 : vim (RHSA-2022:5813)
2022-08-03 00:00:00
Rocky Linux 9 : vim (RLSA-2022:5942)
2023-11-07 00:00:00
redhat
redhat
(RHSA-2022:5942) Moderate: vim security update
2022-08-09 09:32:59
(RHSA-2022:5813) Moderate: vim security update
2022-08-02 06:59:03
osv
osv
Moderate: vim security update
2022-08-02 06:59:03
Moderate: vim security update
2022-08-09 00:00:00
Moderate: vim security update
2022-08-03 00:00:00
oraclelinux
oraclelinux
vim security update
2022-08-10 00:00:00
vim security update
2022-08-05 00:00:00
almalinux
almalinux
Moderate: vim security update
2022-08-03 00:00:00
ibm
ibm
cloudlinux
cloudlinux
Fixed CVEs in vim: CVE-2022-1927, CVE-2022-1897
2022-06-15 19:21:00
Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
2022-06-06 15:31:35
fedora
fedora
[SECURITY] Fedora 34 Update: vim-8.2.5046-1.fc34
2022-06-05 01:34:26
[SECURITY] Fedora 36 Update: vim-8.2.5046-1.fc36
2022-06-02 01:34:59
[SECURITY] Fedora 35 Update: vim-8.2.5052-1.fc35
2022-06-07 01:48:25
openvas
openvas
Fedora: Security Advisory for vim (FEDORA-2022-5ce148636b)
2022-06-03 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-d94440bf0e)
2022-06-06 00:00:00
Mageia: Security Advisory (MGASA-2022-0223)
2022-06-10 00:00:00
veracode
veracode
Out-of-bounds Write
2022-08-09 13:37:17
Denial Of Service (DoS)
2022-08-10 01:56:43
Out-Of-Bounds Read
2022-08-07 18:28:33
debiancve
debiancve
huntr
huntr
Out-of-bounds write in function vim_regsub_both
2022-05-16 13:43:21
Out-of-bounds write in function vim_regsub_both
2022-05-25 14:18:01
Buffer Over-read in function utf_ptr2char
2022-05-22 03:06:47
alpinelinux
alpinelinux
CVE-2022-1785
2022-05-19 13:15:00
CVE-2022-1927
2022-05-29 14:15:08
nvd
nvd
redhatcve
redhatcve
cvelist
cvelist
CVE-2022-1897 Out-of-bounds Write in vim/vim
2022-05-27 00:00:00
CVE-2022-1785 Out-of-bounds Write in vim/vim
2022-05-19 00:00:00
CVE-2022-1927 Buffer Over-read in vim/vim
2022-05-29 00:00:00
ubuntucve
ubuntucve
cve
cve
cbl_mariner
cbl_mariner
CVE-2022-1785 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1785 affecting package vim for versions less than 8.2.5064-1
2022-06-26 03:29:39
prion
prion
Design/Logic Flaw
2022-05-19 13:15:00
Design/Logic Flaw
2022-05-27 15:15:00
Buffer overflow
2022-05-29 14:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2215
2023-08-15 09:26:16
mageia
mageia
Updated vim packages fix security vulnerability
2022-06-09 23:49:47
photon
photon
Critical Photon OS Security Update - PHSA-2022-0199
2022-06-17 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0199
2022-06-17 00:00:00
Critical Photon OS Security Update - PHSA-2022-0487
2022-06-20 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2022-07-08 00:00:00
Vim vulnerabilities
2022-06-30 00:00:00
Vim vulnerabilities
2023-04-04 00:00:00
debian
debian
[SECURITY] [DLA 3204-1] vim security update
2022-11-24 09:17:54
amazon
amazon
Medium: vim
2022-07-28 20:41:00
Medium: vim
2022-07-19 01:26:00
redos
redos
ROS-20220525-01
2022-05-25 00:00:00
suse
suse
Security update for vim (important)
2022-06-16 00:00:00
cloudfoundry
cloudfoundry
USN-5995-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
USN-6557-1: Vim vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
apple
apple
About the security content of macOS Ventura 13
2022-10-24 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
avleonov
avleonov
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
48.3%
Related for ALSA-2022:5942