Headline
Ubuntu Security Notice USN-5492-1
Ubuntu Security Notice 5492-1 - It was discovered that Vim incorrectly handled memory when opening and searching the contents of certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash.
==========================================================================Ubuntu Security Notice USN-5492-1June 23, 2022vim vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESMSummary:Vim could be made to crash if it opened a specially crafted file.Software Description:- vim: Vi IMproved - enhanced vi editorDetails:It was discovered that Vim incorrectly handled memory when opening andsearching the contents of certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM: vim 2:7.4.1689-3ubuntu1.5+esm7In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-5492-1 CVE-2022-2042
Related news
Ubuntu Security Notice 6557-1 - It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
Gentoo Linux Security Advisory 202305-16 - Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. Versions less than 9.0.1157 are affected.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.
Gentoo Linux Security Advisory 202208-32 - Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Versions less than 9.0.0060 are affected.
Use After Free in GitHub repository vim/vim prior to 8.2.