Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-4738: patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() · vim/vim@ced2c73

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

CVE
#git#buffer_overflow

Expand Up @@ -6,7 +6,7 @@ CheckScreendump
func Test_crash1() " The following used to crash Vim let opts = #{wait_for_ruler: 0} let opts = #{wait_for_ruler: 0, rows: 20} let args = ' -u NONE -i NONE -n -e -s -S ' let buf = RunVimInTerminal(args … ' crash/poc_huaf1’, opts) call VerifyScreenDump(buf, 'Test_crash_01’, {}) Expand All @@ -22,4 +22,13 @@ func Test_crash1()
endfunc
func Test_crash2() " The following used to crash Vim let opts = #{wait_for_ruler: 0, rows: 20} let args = ' -u NONE -i NONE -n -e -s -S ' let buf = RunVimInTerminal(args … ' crash/vim_regsub_both’, opts) call VerifyScreenDump(buf, 'Test_crash_01’, {}) exe buf … “bw!” endfunc
" vim: shiftwidth=2 sts=2 expandtab

Related news

Apple Security Advisory 10-25-2023-4

Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6452-1

Ubuntu Security Notice 6452-1 - It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.

CVE-2023-42861: About the security content of macOS Sonoma 14.1

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907