CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
41.8%
Vim is an open source command line text editor. In affected versions when
shifting lines in operator pending mode and using a very large value, it
may be possible to overflow the size of integer. Impact is low, user
interaction is required and a crash may not even happen in all situations.
This issue has been addressed in commit 6bf131888
which has been included
in version 9.0.2112. Users are advised to upgrade. There are no known
workarounds for this vulnerability.
Author | Note |
---|---|
Priority reason: Requires user interaction |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | vim | < 2:8.0.1453-1ubuntu1.13+esm7 | UNKNOWN |
ubuntu | 20.04 | noarch | vim | < 2:8.1.2269-1ubuntu5.21 | UNKNOWN |
ubuntu | 22.04 | noarch | vim | < 2:8.2.3995-1ubuntu2.15 | UNKNOWN |
ubuntu | 23.04 | noarch | vim | < 2:9.0.1000-4ubuntu3.3 | UNKNOWN |
ubuntu | 23.10 | noarch | vim | < 2:9.0.1672-1ubuntu2.2 | UNKNOWN |
ubuntu | 14.04 | noarch | vim | < 2:7.4.052-1ubuntu3.1+esm15 | UNKNOWN |
ubuntu | 16.04 | noarch | vim | < 2:7.4.1689-3ubuntu1.5+esm22 | UNKNOWN |
www.openwall.com/lists/oss-security/2023/11/16/1
github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e
github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e (v9.0.2112)
github.com/vim/vim/security/advisories/GHSA-f2m2-v387-gv87
launchpad.net/bugs/cve/CVE-2023-48237
nvd.nist.gov/vuln/detail/CVE-2023-48237
security-tracker.debian.org/tracker/CVE-2023-48237
ubuntu.com/security/notices/USN-6557-1
www.cve.org/CVERecord?id=CVE-2023-48237
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
41.8%