Headline
RHSA-2023:0958: Red Hat Security Advisory: vim security update
An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-47024: A NULL pointer dereference issue was found in Vim’s gui_x11_create_blank_mouse function in gui_x11.c. This flaw allows attackers to cause a denial of service and other unspecified impacts.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-02-28
Updated:
2023-02-28
RHSA-2023:0958 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: vim security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for vim is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
- vim: no check if the return value of XChangeGC() is NULL (CVE-2022-47024)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
Fixes
- BZ - 2163613 - CVE-2022-47024 vim: no check if the return value of XChangeGC() is NULL
Red Hat Enterprise Linux for x86_64 9
SRPM
vim-8.2.2637-20.el9_1.src.rpm
SHA-256: 0b69a7e4bd835da5b093b79adbfeb117c715ff569c791a486036a755e8c2ae5c
x86_64
vim-X11-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 58890d9586775d7f7aaa71cac2e218f7a68d328eb2d3a6105f7458806ada8f01
vim-X11-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 5faffd8f897a121b22ae3ed9e171405d509172d68483b17603ddb26d45d54251
vim-X11-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 5faffd8f897a121b22ae3ed9e171405d509172d68483b17603ddb26d45d54251
vim-common-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 30a236e458bd2c87372b9b56d38ebd6762051df56017f863c66ecf52c5bbcfbf
vim-common-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 8fde0de2d1a15503717d388386f5e4f28218d432b4954c1acdd718e9867255fa
vim-common-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 8fde0de2d1a15503717d388386f5e4f28218d432b4954c1acdd718e9867255fa
vim-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: b753ff1f0cb248805d2ad63eb168c1e6a9094b05ce8c6e4498dc3bb24ebd63ea
vim-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: b753ff1f0cb248805d2ad63eb168c1e6a9094b05ce8c6e4498dc3bb24ebd63ea
vim-debugsource-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: eaeee2bffdeee05ce8454d55149bb4072675b4c6a891a9142c02eab825aa0f22
vim-debugsource-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: eaeee2bffdeee05ce8454d55149bb4072675b4c6a891a9142c02eab825aa0f22
vim-enhanced-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 58f546c458dc9da7f585123f43c6ae6fc01c05381e451eebd6117352f68ec68d
vim-enhanced-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: ec054ac7af84dc2d475236ccd2a255540b2d53aa0b4f89eec82efa3e4b93c4eb
vim-enhanced-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: ec054ac7af84dc2d475236ccd2a255540b2d53aa0b4f89eec82efa3e4b93c4eb
vim-filesystem-8.2.2637-20.el9_1.noarch.rpm
SHA-256: 6f0dbb5a2c675b932a0eb650c83b68eb485e02808b02bb27373eef30a283f5bc
vim-minimal-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: 6c84c0ac25cf0c499848d725fbcd2689cddb4eb09d82e66171dbf41f54f7b1f0
vim-minimal-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: e3b9f9adbe6498a7f19569806fec6ae983e85b9f2dc0f9ca227bc7e4b0a6bd24
vim-minimal-debuginfo-8.2.2637-20.el9_1.x86_64.rpm
SHA-256: e3b9f9adbe6498a7f19569806fec6ae983e85b9f2dc0f9ca227bc7e4b0a6bd24
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
vim-8.2.2637-20.el9_1.src.rpm
SHA-256: 0b69a7e4bd835da5b093b79adbfeb117c715ff569c791a486036a755e8c2ae5c
s390x
vim-X11-8.2.2637-20.el9_1.s390x.rpm
SHA-256: dac21dc2191b922451c403012dfeeff182f2e5db56fa49b6b3d0fa73130c3b47
vim-X11-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 3ab52857caf9347cefb06d8e43cf170c79ab89a3f9c2f498bcebd820f8bc908d
vim-X11-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 3ab52857caf9347cefb06d8e43cf170c79ab89a3f9c2f498bcebd820f8bc908d
vim-common-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 8ab5decf28a481892720ceaa75492d58c5a66a4683962c1dc700b161563d3038
vim-common-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 500c42d4bcabf729ac082a8045c4189eecf9de594ab0c4ab8d0aec85ec2cdda6
vim-common-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 500c42d4bcabf729ac082a8045c4189eecf9de594ab0c4ab8d0aec85ec2cdda6
vim-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 11531144402d88ec943a3e6e1ea6c589944e16f83b256f96b20ed237b32c116f
vim-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 11531144402d88ec943a3e6e1ea6c589944e16f83b256f96b20ed237b32c116f
vim-debugsource-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 76ff85332e85b953b042b2886b3011de2ea3ac2d03edcd64e4c58822eb9fb087
vim-debugsource-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 76ff85332e85b953b042b2886b3011de2ea3ac2d03edcd64e4c58822eb9fb087
vim-enhanced-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 508f60ea30e5d5871eeb284a2c3868d95b51ba2027ad11f086e5a38aee0846f3
vim-enhanced-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 946e777db90b72bc044c7586a79ccf195b36bfa65a9fcdcbf4949863ee4755bd
vim-enhanced-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: 946e777db90b72bc044c7586a79ccf195b36bfa65a9fcdcbf4949863ee4755bd
vim-filesystem-8.2.2637-20.el9_1.noarch.rpm
SHA-256: 6f0dbb5a2c675b932a0eb650c83b68eb485e02808b02bb27373eef30a283f5bc
vim-minimal-8.2.2637-20.el9_1.s390x.rpm
SHA-256: d5790e5111ddd9ef80003c8f525c37eac7fb1f6e18ec9a3c6e5547690e40ae9f
vim-minimal-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: db969729467c359b348aa385c034f28335aede9df6c4b52e20dc173f2db576b1
vim-minimal-debuginfo-8.2.2637-20.el9_1.s390x.rpm
SHA-256: db969729467c359b348aa385c034f28335aede9df6c4b52e20dc173f2db576b1
Red Hat Enterprise Linux for Power, little endian 9
SRPM
vim-8.2.2637-20.el9_1.src.rpm
SHA-256: 0b69a7e4bd835da5b093b79adbfeb117c715ff569c791a486036a755e8c2ae5c
ppc64le
vim-X11-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 8c4663239c87f3d39ba2cf7f328afd2e8ae12a69369a15f401940fb567ffbc71
vim-X11-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: c842de3bf6379ef9d9f52ffc281402f432bfbbd7842d4232d8ee61dca9989903
vim-X11-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: c842de3bf6379ef9d9f52ffc281402f432bfbbd7842d4232d8ee61dca9989903
vim-common-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 09c2307e2eb529864caea673daf042422b89ae1d924453be0e90b4c7aff398bf
vim-common-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 11be1e96d71b9474becb379e43b23f50d065b7c0d9a41ded5af7ab36fbca925d
vim-common-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 11be1e96d71b9474becb379e43b23f50d065b7c0d9a41ded5af7ab36fbca925d
vim-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 9923fd6109e98bfeb882b5847286b0855f44acc37e26c9aa1e08e4d258c7b93c
vim-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 9923fd6109e98bfeb882b5847286b0855f44acc37e26c9aa1e08e4d258c7b93c
vim-debugsource-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 9898eca6665f1e205206167b19d0094f896be0722723d9dfc7a120e4ff64513b
vim-debugsource-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 9898eca6665f1e205206167b19d0094f896be0722723d9dfc7a120e4ff64513b
vim-enhanced-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: e8ae7b473b5cc5392f043fb878aa0f68b0603846375bbb874a980ed5eb147e0c
vim-enhanced-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 2b23e81f388700d057e7090a1e7feda581a2a49a02d8970dffe3c8f819175a26
vim-enhanced-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 2b23e81f388700d057e7090a1e7feda581a2a49a02d8970dffe3c8f819175a26
vim-filesystem-8.2.2637-20.el9_1.noarch.rpm
SHA-256: 6f0dbb5a2c675b932a0eb650c83b68eb485e02808b02bb27373eef30a283f5bc
vim-minimal-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 56210e4c4e3118e827366af652751940e471fc0d7b5aabef3a3236059d8b6381
vim-minimal-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 1be3233523ebd8f6924882b215f6f1304aafcc624ab2a3c456bdbfb700b158c8
vim-minimal-debuginfo-8.2.2637-20.el9_1.ppc64le.rpm
SHA-256: 1be3233523ebd8f6924882b215f6f1304aafcc624ab2a3c456bdbfb700b158c8
Red Hat Enterprise Linux for ARM 64 9
SRPM
vim-8.2.2637-20.el9_1.src.rpm
SHA-256: 0b69a7e4bd835da5b093b79adbfeb117c715ff569c791a486036a755e8c2ae5c
aarch64
vim-X11-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: fad5f3b8a00d0d046f09879a5f67b9cd457774b132cbc0c6600868929d1d286b
vim-X11-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: f3833fdf7da2d9ef3edfe0666a008608e3ccbcda6ee3885a9277fd33c3f4dbc1
vim-X11-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: f3833fdf7da2d9ef3edfe0666a008608e3ccbcda6ee3885a9277fd33c3f4dbc1
vim-common-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 8cb6fc1f2dbbb96cd12d99d9f15f5f08a520ece3816ccd1071762b3bb9b2cdd9
vim-common-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: cab3ce454644b4c7b416e578b03b2eacef1f173d6466f4fc5959bde5caa2f136
vim-common-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: cab3ce454644b4c7b416e578b03b2eacef1f173d6466f4fc5959bde5caa2f136
vim-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: bb9f3a17e4d26376c0c6ced3c91115ac75e4fdb65feddddc2c3dfb6b74c8dfeb
vim-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: bb9f3a17e4d26376c0c6ced3c91115ac75e4fdb65feddddc2c3dfb6b74c8dfeb
vim-debugsource-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 29a6fa09d9abbd0e00427c364cb2c2dec31dd8b8d5c2a53db1fbf3cd080c7a2f
vim-debugsource-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 29a6fa09d9abbd0e00427c364cb2c2dec31dd8b8d5c2a53db1fbf3cd080c7a2f
vim-enhanced-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 6c48eadb137d66159eaac6673649650cc6937e8db247345571eba1ea4bebaef6
vim-enhanced-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 9d50dddfd8e8cf62814284594f7ba463daf528aac154795b20587b811fda779a
vim-enhanced-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 9d50dddfd8e8cf62814284594f7ba463daf528aac154795b20587b811fda779a
vim-filesystem-8.2.2637-20.el9_1.noarch.rpm
SHA-256: 6f0dbb5a2c675b932a0eb650c83b68eb485e02808b02bb27373eef30a283f5bc
vim-minimal-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: 179c828b8d0c553bef34e540f7bb616879e99bfdb722113320682c6ab24b172f
vim-minimal-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: ff2054536caa52b5d5bbd04e4ccbc50934e1c6494d8a5be4852b6ca943d36199
vim-minimal-debuginfo-8.2.2637-20.el9_1.aarch64.rpm
SHA-256: ff2054536caa52b5d5bbd04e4ccbc50934e1c6494d8a5be4852b6ca943d36199
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
Gentoo Linux Security Advisory 202305-16 - Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. Versions less than 9.0.1157 are affected.
Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.
Red Hat Security Advisory 2023-0958-01 - Vim is an updated and improved version of the vi editor.
Ubuntu Security Notice 5836-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.