PT-2023-27752 · Macvim · Macvim

Cduplooy · Published 2023-09-12 · Updated 2024-03-18 · CVE-2023-41036

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

MacVim versions prior to 178

Description

The issue is an insecure interprocess communication (IPC) mechanism in MacVim, a text editor for macOS, that could lead to privilege escalation. Distributed Objects, a concept introduced by Apple, allow one program to vend an interface to another program, but the documentation does not make it clear that this service can vend the interface to any other program on the machine. Exploitation results in privilege escalation to root and is most likely to affect users who are not careful about the software they download and who use MacVim to edit files that require root privileges.

Recommendations

For versions prior to 178, update to version 178 or later to resolve the issue. As a temporary workaround, avoid using MacVim to edit files that require root privileges until the update is applied.

Exploit

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

CVE-2023-41036
GHSA-9JGJ-JFWG-99FV

Affected Products

Macvim