Описание
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
A flaw was found in Vim. When foldcolumn and smoothscrool are on, a divide by zero issue may occur in the scroll_cursor_bot function, causing a program crash.
Отчет
All versions of Vim shipped with Red Hat Enterprise Linux are affected, because of the presence of vulnerable code in our code-base. Red Hat Product Security has rated this issue as having a Low security impact, because the "victim" has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it. Since Red Hat Enterprise Linux 6, 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle & Updates Policy: https://access.redhat.com/support/policy/updates/errata/.
Меры по смягчению последствий
Untrusted vim scripts with -s [scriptin] are not recommended to run.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | vim | Not affected | ||
| Red Hat Enterprise Linux 7 | vim | Not affected | ||
| Red Hat Enterprise Linux 8 | vim | Not affected | ||
| Red Hat Enterprise Linux 9 | vim | Not affected | ||
| Red Hat Virtualization 4 | vim | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
A divide by zero issue existed in vim of OpenCloudOS Stream
Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
EPSS
3.3 Low
CVSS3