PT-2023-8855 · Vim+6

Fabian Toepfer · Published 2023-11-16 · Updated 2026-03-29 · CVE-2023-48233

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions

Vim versions prior to 9.0.2108

Description

Large values passed to the :s command can exceed the capacity of a signed long variable, potentially leading to a crash. The impact is considered low, and user interaction is required for exploitation. There are no known instances of this issue being exploited in real-world attacks.

Recommendations

For versions prior to 9.0.2108, upgrade to release version 9.0.2108 or later to resolve the issue. As a temporary workaround, avoid using large values with the :s command until the patch is applied.

Exploit · Fix · DoS · Integer Overflow


Weakness Enumeration

Related Identifiers

ALT-PU-2023-7676
ALT-PU-2023-7776
ALT-PU-2023-7778
ALT-PU-2024-1095
AZL-32010
BDU:2024-02414
CVE-2023-48233
ECHO-F5CD-DFC0-A213
GHSA-3XX4-HCQ6-R2VJ
MGASA-2023-0341
OESA-2023-1874
OESA-2023-1876
OESA-2023-1883
OESA-2023-1884
OESA-2023-1885
OPENSUSE-SU-2024_1287-1
SUSE-SU-2024:0783-1
SUSE-SU-2024:0871-1
SUSE-SU-2024:1287-1
USN-6557-1

Affected Products

ALT Linux
Debian
Linux Mint
RED OS
SUSE
Ubuntu
Vim