PT-2023-4441 · Vim+6 · Vim+6

Brammool

Published

2023-01-29

Updated

2025-03-30

CVE-2023-1175

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions vim versions prior to 9.0.1378

Description The issue is related to an incorrect calculation of buffer size in the vim text editor, specifically in the yank copy line function of the register.c component. This can allow an attacker to access confidential data, compromise data integrity, and cause a denial of service.

Recommendations For versions prior to 9.0.1378, update to version 9.0.1378 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-131

Related Identifiers

ALT-PU-2023-1955

ALT-PU-2023-2008

ALT-PU-2023-2024

ALT-PU-2023-2089

AZL-25355

BDU:2023-04830

CVE-2023-1175

DLA-3453-1

DLA-4097-1

MGASA-2023-0110

OESA-2023-1168

OPENSUSE-SU-2024:12774-1

ROSA-SA-2023-2268

SUSE-SU-2023:0760-1

SUSE-SU-2023:0781-1

SUSE-SU-2023:0781-2

USN-5963-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Suse

Ubuntu

Vim

PT-2023-4441 · Vim+6 · Vim+6

CVE-2023-1175

Weakness Enumeration

Related Identifiers

Affected Products

References · 64