Description
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
A vulnerability was found in Vim. The issue occurs when a number in a string is used for the lambda name, which triggers an out-of-range pointer offset. An attacker can trick a user into opening a crafted script that contains a number as an argument; Vim then uses that number as a string pointer to access any memory location, which can crash the application and possibly access some memory.
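The bug class described above (a number read back as a string pointer), shown as an added example that is not Vim's source code and not taken from the advisory: a simplified tagged value with an unchecked and a type-checked accessor. The names typval_t, name_unchecked and name_checked and the sample values are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a tagged script value (hypothetical, not Vim's code). */
typedef enum { VAR_NUMBER, VAR_STRING } vartype_t;

typedef struct {
    vartype_t v_type;           /* tag: which union member is valid */
    union {
        intptr_t v_number;      /* integer payload */
        char    *v_string;      /* string payload */
    } vval;
} typval_t;

/* Flawed pattern: reads the string member without checking the tag, so a
 * script-supplied number is handed back as if it were an address. */
static const char *name_unchecked(const typval_t *tv)
{
    return tv->vval.v_string;
}

/* Hardened pattern: reject any value whose tag is not VAR_STRING. */
static const char *name_checked(const typval_t *tv)
{
    if (tv == NULL || tv->v_type != VAR_STRING || tv->vval.v_string == NULL)
        return NULL;
    return tv->vval.v_string;
}

int main(void)
{
    /* Constructed sample values. */
    typval_t num = { .v_type = VAR_NUMBER, .vval.v_number = 0x41414141 };
    typval_t str = { .v_type = VAR_STRING, .vval.v_string = "<lambda>1" };

    /* Only the pointer values are printed; dereferencing the first one
     * is the out-of-range access that crashes the process. */
    printf("unchecked(number) -> %p\n", (void *)name_unchecked(&num));
    printf("checked(number)   -> %p\n", (void *)name_checked(&num));
    printf("checked(string)   -> %s\n", name_checked(&str));
    return 0;
}
```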
Mitigation
Running untrusted Vim scripts with -s [scriptin] is not recommended.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | vim | Not affected | ||
Red Hat Enterprise Linux 7 | vim | Not affected | ||
Red Hat Enterprise Linux 8 | vim | Not affected | ||
Red Hat Virtualization 4 | vim | Not affected | ||
Red Hat Enterprise Linux 9 | vim | Fixed | RHSA-2022:5242 | 01.07.2022 |
Additional information
Status:
EPSS
6.1 Medium
CVSS3