vim/vim is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference when deleting buffers in diff mode which allows an attacker to cause an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
vim:sid | eq | 2:8.2.2434-3 | |
vim:sid | eq | 2:8.2.1913-1+b2 | |
vim:sid | eq | 2:8.2.2434-3 | |
vim:sid | eq | 2:8.2.1913-1+b2 |
github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195
huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1
lists.fedoraproject.org/archives/list/[email protected]/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/
lists.fedoraproject.org/archives/list/[email protected]/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/
security-tracker.debian.org/tracker/CVE-2022-2208
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16