cnvd - cnvd-2022-20696

cnvd-2022-20696

Vulnerability from cnvd

Title

vim缓冲区溢出漏洞（CNVD-2022-20696）

Description

Vim是一款基于UNIX平台的编辑器。 Vim 8.2.4436之前版本存在缓冲区溢出漏洞，该漏洞源于win_lbr_chartabsize() 中存在堆溢出，攻击者可利用该漏洞导致程序崩溃。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-0714

Impacted products

Name
Vim Vim <=8.2.4436

Show details on source website

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-0714",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-0714"
    }
  },
  "description": "Vim\u662f\u4e00\u6b3e\u57fa\u4e8eUNIX\u5e73\u53f0\u7684\u7f16\u8f91\u5668\u3002\n\nVim 8.2.4436\u4e4b\u524d\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ewin_lbr_chartabsize() \u4e2d\u5b58\u5728\u5806\u6ea2\u51fa\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-20696",
  "openTime": "2022-03-18",
  "products": {
    "product": "Vim Vim \u003c=8.2.4436"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-0714",
  "serverity": "\u4e2d",
  "submitTime": "2022-02-24",
  "title": "vim\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2022-20696\uff09"
}

CVE-2022-0714 (GCVE-0-2022-0714)

Vulnerability from cvelistv5

Published

2022-02-22 00:00

Modified

2024-08-02 23:40

Severity ?

8.4 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Summary

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

References

URL

Tags

	https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3
	https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html	mailing-list
	https://security.gentoo.org/glsa/202208-32	vendor-advisory
	https://support.apple.com/kb/HT213488
	http://seclists.org/fulldisclosure/2022/Oct/41	mailing-list
	http://seclists.org/fulldisclosure/2022/Oct/28	mailing-list
	https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html	mailing-list

Impacted products

	Vendor	Product	Version
	vim	vim/vim	Version: unspecified < 8.2.4436

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:40:03.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa"
          },
          {
            "name": "FEDORA-2022-48bf3cb1c4",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/"
          },
          {
            "name": "FEDORA-2022-63ca9a1129",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/"
          },
          {
            "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html"
          },
          {
            "name": "GLSA-202208-32",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-32"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213488"
          },
          {
            "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Oct/41"
          },
          {
            "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Oct/28"
          },
          {
            "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vim/vim",
          "vendor": "vim",
          "versions": [
            {
              "lessThan": "8.2.4436",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-08T00:00:00",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3"
        },
        {
          "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa"
        },
        {
          "name": "FEDORA-2022-48bf3cb1c4",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/"
        },
        {
          "name": "FEDORA-2022-63ca9a1129",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/"
        },
        {
          "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html"
        },
        {
          "name": "GLSA-202208-32",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202208-32"
        },
        {
          "url": "https://support.apple.com/kb/HT213488"
        },
        {
          "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Oct/41"
        },
        {
          "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Oct/28"
        },
        {
          "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
        }
      ],
      "source": {
        "advisory": "db70e8db-f309-4f3c-986c-e69d2415c3b3",
        "discovery": "EXTERNAL"
      },
      "title": "Heap-based Buffer Overflow in vim/vim"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-0714",
    "datePublished": "2022-02-22T00:00:00",
    "dateReserved": "2022-02-21T00:00:00",
    "dateUpdated": "2024-08-02T23:40:03.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.