Headline
Ubuntu Security Notice USN-6452-1
Ubuntu Security Notice 6452-1 - It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.
==========================================================================
Ubuntu Security Notice USN-6452-1
October 25, 2023
vim vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in Vim.
Software Description:
- vim: Vi IMproved - enhanced vi editor
Details:
It was discovered that Vim could be made to divide by zero. An attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 23.04. (CVE-2023-3896)
It was discovered that Vim did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2023-4733, CVE-2023-4750)
It was discovered that Vim contained an arithmetic overflow. An attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.
(CVE-2023-4734)
It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2023-4735, CVE-2023-5344)
It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 23.04 and Ubuntu
23.10. (CVE-2023-4738)
It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu
16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and
Ubuntu 23.04. (CVE-2023-4751)
It was discovered that Vim did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04
LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4752, CVE-2023-5535)
It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu
22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4781)
It was discovered that Vim could be made to dereference invalid memory. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2023-5441)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
vim 2:9.0.1672-1ubuntu2.1
vim-athena 2:9.0.1672-1ubuntu2.1
vim-gtk3 2:9.0.1672-1ubuntu2.1
vim-nox 2:9.0.1672-1ubuntu2.1
vim-tiny 2:9.0.1672-1ubuntu2.1
xxd 2:9.0.1672-1ubuntu2.1
Ubuntu 23.04:
vim 2:9.0.1000-4ubuntu3.2
vim-athena 2:9.0.1000-4ubuntu3.2
vim-gtk3 2:9.0.1000-4ubuntu3.2
vim-nox 2:9.0.1000-4ubuntu3.2
vim-tiny 2:9.0.1000-4ubuntu3.2
xxd 2:9.0.1000-4ubuntu3.2
Ubuntu 22.04 LTS:
vim 2:8.2.3995-1ubuntu2.13
vim-athena 2:8.2.3995-1ubuntu2.13
vim-gtk 2:8.2.3995-1ubuntu2.13
vim-gtk3 2:8.2.3995-1ubuntu2.13
vim-nox 2:8.2.3995-1ubuntu2.13
vim-tiny 2:8.2.3995-1ubuntu2.13
xxd 2:8.2.3995-1ubuntu2.13
Ubuntu 20.04 LTS:
vim 2:8.1.2269-1ubuntu5.20
vim-athena 2:8.1.2269-1ubuntu5.20
vim-gtk 2:8.1.2269-1ubuntu5.20
vim-gtk3 2:8.1.2269-1ubuntu5.20
vim-nox 2:8.1.2269-1ubuntu5.20
vim-tiny 2:8.1.2269-1ubuntu5.20
xxd 2:8.1.2269-1ubuntu5.20
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
vim 2:8.0.1453-1ubuntu1.13+esm6
vim-athena 2:8.0.1453-1ubuntu1.13+esm6
vim-gtk 2:8.0.1453-1ubuntu1.13+esm6
vim-gtk3 2:8.0.1453-1ubuntu1.13+esm6
vim-nox 2:8.0.1453-1ubuntu1.13+esm6
vim-tiny 2:8.0.1453-1ubuntu1.13+esm6
xxd 2:8.0.1453-1ubuntu1.13+esm6
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
vim 2:7.4.1689-3ubuntu1.5+esm20
vim-athena 2:7.4.1689-3ubuntu1.5+esm20
vim-gtk 2:7.4.1689-3ubuntu1.5+esm20
vim-gtk3 2:7.4.1689-3ubuntu1.5+esm20
vim-nox 2:7.4.1689-3ubuntu1.5+esm20
vim-tiny 2:7.4.1689-3ubuntu1.5+esm20
Ubuntu 14.04 LTS (Available with Ubuntu Pro):
vim 2:7.4.052-1ubuntu3.1+esm14
vim-athena 2:7.4.052-1ubuntu3.1+esm14
vim-gtk 2:7.4.052-1ubuntu3.1+esm14
vim-nox 2:7.4.052-1ubuntu3.1+esm14
vim-tiny 2:7.4.052-1ubuntu3.1+esm14
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6452-1
CVE-2023-3896, CVE-2023-4733, CVE-2023-4734, CVE-2023-4735,
CVE-2023-4738, CVE-2023-4750, CVE-2023-4751, CVE-2023-4752,
CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535
Package Information:
https://launchpad.net/ubuntu/+source/vim/2:9.0.1672-1ubuntu2.1
https://launchpad.net/ubuntu/+source/vim/2:9.0.1000-4ubuntu3.2
https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.13
https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.20
Related news
Apple Security Advisory 12-11-2023-6 - macOS Monterey 12.7.2 addresses code execution and out of bounds read vulnerabilities.
Apple Security Advisory 12-11-2023-5 - macOS Ventura 13.6.3 addresses code execution and out of bounds read vulnerabilities.
Apple Security Advisory 12-11-2023-4 - macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities.
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
Apple Security Advisory 10-25-2023-4 - macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3