Описание
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
A stack-based buffer overflow flaw was found in Vim. The did_set_langmap function in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. That buffer can be overflown, possibly leading to memory corruption and escalation of privileges.
Отчет
Escalation of privilege may only be attained if the Vim binary can be run with non-default higher privileges, which is a rare scenario, for example, setuid which makes this vulnerability only to be exploited via high privileges making the severity as low.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 7 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 8 | vim | Fix deferred | ||
| Red Hat Enterprise Linux 9 | vim | Fix deferred |
Показывать по
Дополнительная информация
Статус:
8.4 High
CVSS3
Связанные уязвимости
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_ ...
8.4 High
CVSS3