vim: Fix of 2 CVEs

🗓️ 12 Dec 2022 19:49:34Reported by CloudLinuxType

cloudlinux

cloudlinux🔗 repo.cloudlinux.com👁 30 Views

Fix for 2 Vim CVEs related to text locking and negative colum

Reporter	Title	Published	Views	Family All 173
Huntr	AddressSanitizer: heap-buffer-overflow in alloc.c 246:11	24 Nov 202205:34	–	huntr
Huntr	heap-buffer-overflow in function inc at misc2.c	14 Oct 202215:32	–	huntr
Tenable Nessus	Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2023-269)	25 Jan 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : vim (ALAS-2022-1902)	7 Dec 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : vim (ALAS-2023-1912)	23 Jan 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : vim (ALAS-2023-1663)	24 Jan 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : vim (ALAS-2023-1664)	24 Jan 202300:00	–	nessus
Tenable Nessus	Debian dla-3453 : vim - security update	13 Jun 202300:00	–	nessus
Tenable Nessus	Debian dla-4097 : vim - security update	30 Mar 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Centos	6	x86_64	vim-x11	7.4.629	vim-7.4.629-5.2.el6.tuxcare.els33.src.rpm
Centos	6	x86_64	vim-common	7.4.629	vim-7.4.629-5.2.el6.tuxcare.els33.src.rpm
Centos	6	x86_64	vim-enhanced	7.4.629	vim-7.4.629-5.2.el6.tuxcare.els33.src.rpm
Centos	6	x86_64	vim-filesystem	7.4.629	vim-7.4.629-5.2.el6.tuxcare.els33.src.rpm
Centos	6	x86_64	vim-minimal	7.4.629	vim-7.4.629-5.2.el6.tuxcare.els33.src.rpm

12 Dec 2022 19:49Current

2.6Low risk

Vulners AI Score2.6

CVSS 3.19.8

CVSS 37.8

EPSS0.00074

SSVC

vim fix text locking negative column unix