Описание
Security update for vim
This update for vim fixes the following issues:
- CVE-2022-0318: Fixed heap-based buffer overflow (bsc#1195004).
- CVE-2021-3796: Fixed use-after-free in nv_replace() in normal.c (bsc#1190570).
- CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status() drawscreen.c (bsc#1191893).
- CVE-2021-3927: Fixed heap-based buffer overflow (bsc#1192481).
- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2021-4019: Fixed heap-based buffer overflow (bsc#1193294).
- CVE-2021-3984: Fixed illegal memory access when C-indenting could have led to heap buffer overflow (bsc#1193298).
- CVE-2021-3778: Fixed heap-based buffer overflow in regexp_nfa.c (bsc#1190533).
- CVE-2021-4193: Fixed out-of-bounds read (bsc#1194216).
- CVE-2021-46059: Fixed pointer dereference vulnerability via the vim_regexec_multi function at regexp.c (bsc#1194556).
- CVE-2022-0319: Fixded out-of-bounds read (bsc#1195066).
- CVE-2022-0351: Fixed uncontrolled recursion in eval7() (bsc#1195126).
- CVE-2022-0361: Fixed buffer overflow (bsc#1195126).
- CVE-2022-0413: Fixed use-after-free in src/ex_cmds.c (bsc#1195356).
Список пакетов
openSUSE Leap 15.3
gvim-8.0.1568-5.17.1
vim-8.0.1568-5.17.1
vim-data-8.0.1568-5.17.1
vim-data-common-8.0.1568-5.17.1
vim-small-8.0.1568-5.17.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0736-1
- SUSE Security Ratings
- SUSE Bug 1190533
- SUSE Bug 1190570
- SUSE Bug 1191893
- SUSE Bug 1192478
- SUSE Bug 1192481
- SUSE Bug 1193294
- SUSE Bug 1193298
- SUSE Bug 1194216
- SUSE Bug 1194556
- SUSE Bug 1195004
- SUSE Bug 1195066
- SUSE Bug 1195126
- SUSE Bug 1195202
- SUSE Bug 1195356
- SUSE CVE CVE-2021-3778 page
- SUSE CVE CVE-2021-3796 page
- SUSE CVE CVE-2021-3872 page
- SUSE CVE CVE-2021-3927 page
Описание
vim is vulnerable to Heap-based Buffer Overflow
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3778
- SUSE Bug 1190533
Описание
vim is vulnerable to Use After Free
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3796
- SUSE Bug 1190570
Описание
vim is vulnerable to Heap-based Buffer Overflow
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3872
- SUSE Bug 1191893
Описание
vim is vulnerable to Heap-based Buffer Overflow
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3927
- SUSE Bug 1192481
Описание
vim is vulnerable to Use of Uninitialized Variable
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3928
- SUSE Bug 1192478
Описание
vim is vulnerable to Heap-based Buffer Overflow
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-3984
- SUSE Bug 1193298
Описание
vim is vulnerable to Heap-based Buffer Overflow
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-4019
- SUSE Bug 1193294
Описание
vim is vulnerable to Out-of-bounds Read
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-4193
- SUSE Bug 1194216
Описание
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2021-46059
- SUSE Bug 1194556
Описание
Heap-based Buffer Overflow in vim/vim prior to 8.2.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2022-0318
- SUSE Bug 1195004
Описание
Out-of-bounds Read in vim/vim prior to 8.2.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2022-0319
- SUSE Bug 1195066
Описание
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2022-0351
- SUSE Bug 1195126
Описание
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2022-0361
- SUSE Bug 1195202
Описание
Use After Free in GitHub repository vim/vim prior to 8.2.
Затронутые продукты
openSUSE Leap 15.3:gvim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-8.0.1568-5.17.1
openSUSE Leap 15.3:vim-data-common-8.0.1568-5.17.1
Ссылки
- CVE-2022-0413
- SUSE Bug 1195356
- SUSE Bug 1208308
- SUSE Bug 1208651