
exploitDog


CVE-2023-48231

Published: 16 Nov 2023
Source: redhat
CVSS3: 4.3

Description

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

A heap use-after-free flaw was found in the vim package. When executing a :s command for the first time and using a sub-replace-special atom inside the substitution, it is possible that the recursive :s call causes memory to be freed, which may later then be accessed by the initial :s command. This issue may result in Vim crashing.

Report

Red Hat Product Security has rated this issue as having a Low security impact because the "victim" has to run an untrusted file IN SCRIPT MODE. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | vim | Out of support scope | | |
| Red Hat Enterprise Linux 7 | vim | Out of support scope | | |
| Red Hat Enterprise Linux 8 | vim | Fix deferred | | |
| Red Hat Enterprise Linux 9 | vim | Fix deferred | | |


Additional information

Status: Low
Defect: CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2250268 vim: use after free in win_close()

4.3 Medium

CVSS3

Related vulnerabilities

CVSS3: 3.9
ubuntu
more than 1 year ago

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.9
nvd
more than 1 year ago

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.9
debian
more than 1 year ago

Vim is an open source command line text editor. When closing a window, ...

CVSS3: 4.3
fstec
more than 1 year ago

Vulnerability in the win_close() function of the vim text editor that allows an attacker to affect the confidentiality, integrity, and availability of data

CVSS3: 4.3
redos
about 1 year ago

Multiple vulnerabilities in VIM
