Headline
CVE-2022-3705: patch 9.0.0805: filetype autocmd may cause freed memory access · vim/vim@d0fab10
A vulnerability was found in vim and classified as problematic. It affects the function qf_update_buffer in the file quickfix.c of the component autocmd Handler. The manipulation leads to a use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 addresses this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
@@ -4595,6 +4595,9 @@ qf_update_buffer(qf_info_T *qi, qfline_T *old_last)
qf_winid = win->w_id;
}
// autocommands may cause trouble
incr_quickfix_busy();
if (old_last == NULL)
// set curwin/curbuf to buf and save a few things
aucmd_prepbuf(&aco, buf);
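Review bot: The comment above incr_quickfix_busy() in this hunk, "autocommands may cause trouble", does not say what the trouble is or where the counter is released. The commit title says a filetype autocmd may cause freed memory access, so the comment could state that autocommands triggered from aucmd_prepbuf() onward must not be allowed to free the quickfix data this function is still using, and that the matching decr_quickfix_busy() sits at the end of the block. That would make it harder for a later change to add an early return between the two calls and leave the counter raised.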
@@ -4616,6 +4619,9 @@ qf_update_buffer(qf_info_T *qi, qfline_T *old_last)
// when the added lines are not visible.
if ((win = qf_find_win(qi)) != NULL && old_line_count < win->w_botline)
redraw_buf_later(buf, UPD_NOT_VALID);
// always called after incr_quickfix_busy()
decr_quickfix_busy();
}
}
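Review bot: decr_quickfix_busy() at the end of this hunk is tied to the increment in the previous hunk only by the comment "always called after incr_quickfix_busy()", and the code between the two hunks is not visible here. Please confirm that every path through the block reaches this line, so the counter is always balanced. The placement after redraw_buf_later(buf, UPD_NOT_VALID) with only closing braces following looks right, since nothing in the function touches qi or old_last once the counter has been dropped. A short note in the comment that the decrement must stay the last statement of the block would preserve that.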
Related news
Ubuntu Security Notice 6420-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
Dell VxRail versions earlier than 7.0.450 contain an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker.
Gentoo Linux Security Advisory 202305-16 - Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. Versions less than 9.0.1157 are affected.
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service.
Apple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.