PT-2023-6503 · Vim+6 · Vim+6

Cole Dilorenzo · Published 2023-10-27 · Updated 2024-06-27 · CVE-2023-46246

CVSS v3.1: 4.0 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Vim versions prior to 9.0.2068

Description

The issue is caused by a heap-use-after-free in memory allocated in the function `ga_grow_inner` and an integer overflow when using the `:history` command. This can potentially lead to a denial of service. The vulnerability is related to the `ga_grow_inner` function in the file `src/alloc.c` and the `do_cmdline` function in the file `src/ex_docmd.c`. The `:history` command can cause an integer overflow, potentially leading to a use-after-free.

Recommendations

For versions prior to 9.0.2068, update to version 9.0.2068 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `:history` command until a patch is available. Restrict access to the vulnerable function `ga_grow_inner` to minimize the risk of exploitation.
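
A host check for the fixed version named above, as an added example that is not part of the original advisory or of Vim's own code: it reads `vim --version` text and reports whether patch 9.0.2068 is included. The function names and sample outputs are constructed for illustration, and the `VIM - Vi IMproved` / `Included patches:` header layout is an assumption about the build being checked.

```shell
#!/bin/sh
# Added example: classify a Vim build against the 9.0.2068 fix level.

# Reads `vim --version` text on stdin.
# Exit status: 0 = fix included, 1 = predates fix, 2 = not recognisable as Vim.
vim_fix_status() {
    awk -v fix=2068 '
        /^VIM - Vi IMproved [0-9]+\.[0-9]+/ {
            split($5, v, ".")                 # $5 is e.g. "9.0"
            major = v[1] + 0; minor = v[2] + 0; seen = 1
        }
        /^Included patches:/ {
            # The list may have gaps ("1-1378, 1499"), so test each range
            # for the fix patch instead of trusting the highest number.
            list = $0; sub(/^Included patches:[ \t]*/, "", list)
            n = split(list, items, /,[ \t]*/)
            for (i = 1; i <= n; i++) {
                m = split(items[i], r, "-")
                lo = r[1] + 0; hi = (m > 1 ? r[2] : r[1]) + 0
                if (lo <= fix && fix <= hi) has_fix = 1
            }
        }
        END {
            if (!seen) exit 2
            if (major > 9 || (major == 9 && minor > 0)) exit 0   # later release line
            if (major == 9 && minor == 0 && has_fix) exit 0
            exit 1
        }'
}

# Maps the exit status to a word; pass the version text as $1,
# e.g. describe "$(vim --version)" on a real host.
describe() {
    rc=0
    printf '%s\n' "$1" | vim_fix_status || rc=$?
    case $rc in
        0) echo "fixed" ;;
        1) echo "vulnerable" ;;
        *) echo "unknown" ;;
    esac
}

# Constructed sample headers (not captured from real hosts).
SAMPLE_OLD='VIM - Vi IMproved 9.0 (2022 Jun 28, compiled Oct 01 2023 10:00:00)
Included patches: 1-1378, 1499'
SAMPLE_FIXED='VIM - Vi IMproved 9.0 (2022 Jun 28, compiled Nov 01 2023 10:00:00)
Included patches: 1-2068'
SAMPLE_NEXT='VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Feb 01 2024 10:00:00)
Included patches: 1-16'
```

Distribution packages often backport fixes without raising the upstream patch level, so on the distributions listed on this page the vendor advisory or package changelog is the authority rather than this upstream-number check.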

Exploit

Fix

Integer Overflow

Use After Free


Weakness Enumeration

Related identifiers

ALT-PU-2023-7025
ALT-PU-2023-7047
ALT-PU-2023-7253
AZL-31702
BDU:2023-07250
CVE-2023-46246
ECHO-2FE5-91AE-2460
GHSA-Q22M-H7M2-9MGM
MGASA-2023-0314
OESA-2023-1796
OPENSUSE-SU-2023_4557-1
OPENSUSE-SU-2023_4587-1
ROSA-SA-2024-2435
SUSE-SU-2023:4557-1
SUSE-SU-2023:4560-1
SUSE-SU-2023:4587-1
SUSE-SU-2023_4557-1
SUSE-SU-2023_4560-1
SUSE-SU-2023_4587-1
USN-6557-1

Affected products

Alt Linux
Debian
Linuxmint
Red Os
Suse
Ubuntu
Vim