ELSA-2023-0958

Опубликовано: 28 фев. 2023

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2023-0958: vim security update (MODERATE)

[8.2.2637-20.0.1]

Remove upstream references [Orabug: 31197557]

[2:8.2.2637-20]

CVE-2022-47024 vim: no check if the return value of XChangeGC() is NULL

[2:8.2.2637-19]

CVE-2022-1785 vim: Out-of-bounds Write
CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c
CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c

[2:8.2.2637-18]

CVE-2022-1621 vim: heap buffer overflow
CVE-2022-1629 vim: buffer over-read

[2:8.2.2637-17]

CVE-2022-1154 vim: use after free in utf_ptr2char
CVE-2022-1420 vim: Out-of-range Pointer Offset

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

vim-X11

8.2.2637-20.0.1.el9_1

vim-common

8.2.2637-20.0.1.el9_1

vim-enhanced

8.2.2637-20.0.1.el9_1

vim-filesystem

8.2.2637-20.0.1.el9_1

vim-minimal

8.2.2637-20.0.1.el9_1

Oracle Linux x86_64

vim-X11

8.2.2637-20.0.1.el9_1

vim-common

8.2.2637-20.0.1.el9_1

vim-enhanced

8.2.2637-20.0.1.el9_1

vim-filesystem

8.2.2637-20.0.1.el9_1

vim-minimal

8.2.2637-20.0.1.el9_1

Связанные CVE

CVE-2022-47024

Ссылки на источники

Связанные уязвимости

CVE-2022-47024

CVSS3: 7.8

ubuntu

больше 2 лет назад

A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.

CVE-2022-47024

CVSS3: 7.8

redhat

больше 2 лет назад

CVE-2022-47024

CVSS3: 7.8

nvd

больше 2 лет назад

CVE-2022-47024

CVSS3: 7.8

debian

больше 2 лет назад

A null pointer dereference issue was discovered in function gui_x11_cr ...

RLSA-2023:0958

rocky

около 2 лет назад

Moderate: vim security update