Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-22667HistoryFeb 05, 2024 - 8:15 a.m.
CVE-2024-22667
2024-02-0508:15:44
Debian Security Bug Tracker
security-tracker.debian.org
17
vim
buffer overflow
vulnerability
map.c
sprintf
error buffer
option callback
unix
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | vim | <= 2:9.0.1378-2 | vim_2:9.0.1378-2_all.deb |
| Debian | 11 | all | vim | <= 2:8.2.2434-3+deb11u1 | vim_2:8.2.2434-3+deb11u1_all.deb |
| Debian | 10 | all | vim | <= 2:8.1.0875-5+deb10u2 | vim_2:8.1.0875-5+deb10u2_all.deb |
| Debian | 999 | all | vim | < 2:9.0.2189-1 | vim_2:9.0.2189-1_all.deb |
| Debian | 13 | all | vim | < 2:9.0.2189-1 | vim_2:9.0.2189-1_all.deb |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0040)
2024-02-19 00:00:00
Fedora: Security Advisory for vim (FEDORA-2024-12513b5cee)
2024-02-15 00:00:00
Ubuntu: Security Advisory (USN-6698-1)
2024-03-19 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-22667 affecting package vim for versions less than 9.0.2121-2
2024-03-05 17:52:42
redos
redos
ROS-20240410-15
2024-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: vim-9.1.076-2.fc38
2024-02-15 01:42:55
[SECURITY] Fedora 39 Update: vim-9.1.076-2.fc39
2024-02-15 01:00:18
nessus
nessus
Fedora 39 : vim (2024-12513b5cee)
2024-02-15 00:00:00
Fedora 38 : vim (2024-1c85d5b179)
2024-02-15 00:00:00
ubuntu
ubuntu
Vim vulnerability
2024-03-18 00:00:00
nvd
nvd
CVE-2024-22667
2024-02-05 08:15:44
prion
prion
Stack overflow
2024-02-05 08:15:00
osv
osv
vim vulnerability
2024-03-18 16:48:35
cloudfoundry
cloudfoundry
USN-6698-1: Vim vulnerability | Cloud Foundry
2024-05-02 00:00:00
alpinelinux
alpinelinux
CVE-2024-22667
2024-02-05 08:15:44
cvelist
cvelist
CVE-2024-22667
2024-02-05 00:00:00
cve
cve
CVE-2024-22667
2024-02-05 08:15:44
veracode
veracode
Stack-Buffer-Overflow
2024-02-10 10:00:45
redhatcve
redhatcve
CVE-2024-22667
2024-02-06 13:59:55
cloudlinux
cloudlinux
vim: Fix of CVE-2024-22667
2024-03-04 14:52:22
mageia
mageia
Updated vim packages fix a security vulnerability
2024-02-17 03:55:07
ubuntucve
ubuntucve
CVE-2024-22667
2024-02-05 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0567
2024-02-18 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0212
2024-02-18 00:00:00
amazon
amazon
Medium: vim
2024-02-15 03:52:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2024-22667