Headline

CVE-2023-1175: patch 9.0.1378: illegal memory access when using virtual editing · vim/vim@c99cbf8

Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.

1 year ago

- Actions
  
  Automate any workflow
- Packages
  
  Host and manage packages
- Security
  
  Find and fix vulnerabilities
- Codespaces
  
  Instant dev environments
- Copilot
  
  Write better code with AI
- Code review
  
  Manage code changes
- Issues
  
  Plan and track work
- Discussions
  
  Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog

- For
- Enterprise
- Teams
- Startups
- Education
- By Solution
- CI/CD & Automation
- DevOps
- DevSecOps
- Case Studies
- Customer Stories
- Resources
- GitHub Sponsors
  
  Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections

Pricing
Notifications
Fork 4.6k
Code
Issues 1.3k
Pull requests 155
Actions
Projects
Wiki
Security
Insights

Permalink

Browse files

patch 9.0.1378: illegal memory access when using virtual editing

Problem: Illegal memory access when using virtual editing. Solution: Make sure “startspaces” is not negative.

Loading branch information

Showing 3 changed files with 14 additions and 0 deletions.

- register.c
- - test_virtualedit.vim
- version.c

@@ -1245,6 +1245,8 @@ op_yank(oparg_T *oap, int deleting, int mess)

// double-count it.

bd.startspaces = (ce - cs + 1)

- oap->start.coladd;

if (bd.startspaces < 0)

bd.startspaces = 0;

startcol++;

}

@@ -88,6 +88,16 @@ func Test_edit_change()

set virtualedit=

endfunc

func Test_edit_special_char()

new

se ve=all

norm a0

sil! exe “norm o00000\<Nul>k<a0s”

bwipe!

set virtualedit=

endfunc

" Tests for pasting at the beginning, end and middle of a tab character

" in virtual edit mode.

func Test_paste_in_tab()

@@ -695,6 +695,8 @@ static char *(features[]) =

static int included_patches[] =

{ /* Add new patch number below this line */

/**/

1378,

/**/

1377,

/**/

0 comments on commit c99cbf8

Please sign in to comment.

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

1 year ago

CVE

Open in Source

#vulnerability #web #ios #dos #intel #vmware #bios #auth #dell #ssl

Ubuntu Security Notice USN-5963-1

Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.

1 year ago

Packet Storm

Open in Source

#vulnerability #ubuntu #dos #perl