Описание
vim is vulnerable to Use After Free
A use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/openshift-hive-rhel8 | Not affected | ||
Red Hat Enterprise Linux 6 | vim | Out of support scope | ||
Red Hat Enterprise Linux 7 | vim | Out of support scope | ||
Red Hat Enterprise Linux 9 | vim | Not affected | ||
Red Hat Enterprise Linux 8 | vim | Fixed | RHSA-2021:4517 | 09.11.2021 |
Red Hat Enterprise Linux 8 | vim | Fixed | RHSA-2021:4517 | 09.11.2021 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2004728vim: use-after-free in nv_replace() in normal.c
7.3 High
CVSS3
7.3 High
CVSS3