PT-2022-2753 · Vim+9 · Vim+9

Brammool

Published

2022-04-14

Updated

2024-06-15

CVE-2022-1420

CVSS v3.1

6.8

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Vim versions prior to 8.2.4774

Description The issue is related to an out-of-range pointer offset, which can be exploited by an attacker to cause a denial of service using a specially crafted file. This can happen when a user is tricked into opening a malicious file, leading to the application's crash. The estimated number of potentially affected devices and real-world incidents are not specified.

Recommendations For versions prior to 8.2.4774, update to version 8.2.4774 or later to resolve the issue. As a temporary workaround, consider avoiding the use of files from untrusted sources to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-823CWE-119

Related Identifiers

ALSA-2022:5242

ALT-PU-2022-1716

ALT-PU-2022-1731

ALT-PU-2022-1771

ALT-PU-2022-1874

AZL-9531

BDU:2022-03270

CVE-2022-1420

MGASA-2022-0203

OPENSUSE-SU-2022_2102-1

OPENSUSE-SU-2024:12337-1

RHSA-2022:5242

RHSA-2022_5242

SUSE-SU-2022:2102-1

SUSE-SU-2022:4619-1

USN-5613-1

USN-5613-2

Affected Products

Alt Linux

Almalinux

Debian

Linuxmint

Apple Macos

Red Hat

Red Os

Suse

Ubuntu

Vim

PT-2022-2753 · Vim+9 · Vim+9

CVE-2022-1420

Weakness Enumeration

Related Identifiers

Affected Products

References · 317