Lucene search
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2022-0736-1.NASLHistoryMar 05, 2022 - 12:00 a.m.
openSUSE 15 Security Update : vim (openSUSE-SU-2022:0736-1)
2022-03-0500:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
7.8 High
AI Score
Confidence
High
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0736-1 advisory.
-
vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019)
-
vim is vulnerable to Use After Free (CVE-2021-3796)
-
vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)
-
vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)
-
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)
-
Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)
-
Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)
-
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
(CVE-2022-0351) -
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)
-
Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# openSUSE Security Update openSUSE-SU-2022:0736-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158630);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/06");
script_cve_id(
"CVE-2021-3778",
"CVE-2021-3796",
"CVE-2021-3872",
"CVE-2021-3927",
"CVE-2021-3928",
"CVE-2021-3984",
"CVE-2021-4019",
"CVE-2021-4193",
"CVE-2021-46059",
"CVE-2022-0318",
"CVE-2022-0319",
"CVE-2022-0351",
"CVE-2022-0361",
"CVE-2022-0413"
);
script_name(english:"openSUSE 15 Security Update : vim (openSUSE-SU-2022:0736-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in
the openSUSE-SU-2022:0736-1 advisory.
- vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927,
CVE-2021-3984, CVE-2021-4019)
- vim is vulnerable to Use After Free (CVE-2021-3796)
- vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)
- vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)
- ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by
its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)
- Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)
- Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)
- Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
(CVE-2022-0351)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)
- Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190533");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190570");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191893");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192478");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192481");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193294");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193298");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194216");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194556");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195004");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195066");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195126");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195202");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195356");
# https://lists.opensuse.org/archives/list/[email protected]/thread/FDNZ3N5S7UGKPUUKPGOQQGPJJK3YTW37/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7e3b18cd");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3778");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3796");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3872");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3927");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3928");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3984");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4019");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4193");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-46059");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0318");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0319");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0351");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0361");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0413");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0318");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/15");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvim");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:vim");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:vim-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:vim-data-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:vim-small");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.3");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/SuSE/release');
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, 'openSUSE');
var os_ver = pregmatch(pattern: "^SUSE([\d.]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');
os_ver = os_ver[1];
if (release !~ "^(SUSE15\.3)$") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);
var pkgs = [
{'reference':'gvim-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-data-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-data-common-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-small-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var release = NULL;
var cpu = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && release) {
if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gvim / vim / vim-data / vim-data-common / vim-small');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | gvim | p-cpe:/a:novell:opensuse:gvim |
| novell | opensuse | vim | p-cpe:/a:novell:opensuse:vim |
| novell | opensuse | vim-data | p-cpe:/a:novell:opensuse:vim-data |
| novell | opensuse | vim-data-common | p-cpe:/a:novell:opensuse:vim-data-common |
| novell | opensuse | vim-small | p-cpe:/a:novell:opensuse:vim-small |
| novell | opensuse | 15.3 | cpe:/o:novell:opensuse:15.3 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3984
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4193
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0361
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0413
www.nessus.org/u?7e3b18cd
bugzilla.suse.com/1190533
bugzilla.suse.com/1190570
bugzilla.suse.com/1191893
bugzilla.suse.com/1192478
bugzilla.suse.com/1192481
bugzilla.suse.com/1193294
bugzilla.suse.com/1193298
bugzilla.suse.com/1194216
bugzilla.suse.com/1194556
bugzilla.suse.com/1195004
bugzilla.suse.com/1195066
bugzilla.suse.com/1195126
bugzilla.suse.com/1195202
bugzilla.suse.com/1195356
www.suse.com/security/cve/CVE-2021-3778
www.suse.com/security/cve/CVE-2021-3796
www.suse.com/security/cve/CVE-2021-3872
www.suse.com/security/cve/CVE-2021-3927
www.suse.com/security/cve/CVE-2021-3928
www.suse.com/security/cve/CVE-2021-3984
www.suse.com/security/cve/CVE-2021-4019
www.suse.com/security/cve/CVE-2021-4193
www.suse.com/security/cve/CVE-2021-46059
www.suse.com/security/cve/CVE-2022-0318
www.suse.com/security/cve/CVE-2022-0319
www.suse.com/security/cve/CVE-2022-0351
www.suse.com/security/cve/CVE-2022-0361
www.suse.com/security/cve/CVE-2022-0413
Related
suse
suse
Security update for vim (important)
2022-03-04 00:00:00
Security update for vim (important)
2022-06-16 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:0736-1)
2022-03-05 00:00:00
EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1193)
2022-02-23 00:00:00
EulerOS Virtualization 3.0.2.6 : vim (EulerOS-SA-2023-1053)
2023-01-06 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2214
2023-08-15 09:10:06
oraclelinux
oraclelinux
vim security update
2022-02-03 00:00:00
vim security update
2021-11-16 00:00:00
vim security update
2022-03-16 00:00:00
osv
osv
Moderate: vim security update
2022-02-01 20:12:46
Moderate: vim security update
2022-02-01 20:12:46
Moderate: vim security update
2021-11-09 13:22:45
redhat
redhat
(RHSA-2022:0366) Moderate: vim security update
2022-02-01 20:12:46
(RHSA-2021:4517) Moderate: vim security update
2021-11-09 13:22:45
(RHSA-2022:0476) Important: Red Hat OpenShift GitOps security update
2022-02-08 22:00:22
almalinux
almalinux
Moderate: vim security update
2022-02-01 20:12:46
Moderate: vim security update
2021-11-09 13:22:45
Moderate: vim security update
2022-03-15 09:11:53
rocky
rocky
vim security update
2022-02-01 20:12:46
vim security update
2021-11-09 13:22:45
vim security update
2022-02-02 04:36:58
fedora
fedora
[SECURITY] Fedora 33 Update: vim-8.2.3512-1.fc33
2021-10-23 03:25:44
[SECURITY] Fedora 35 Update: vim-8.2.3512-1.fc35
2021-10-29 23:26:46
[SECURITY] Fedora 35 Update: vim-8.2.3582-1.fc35
2021-11-10 02:56:46
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3928, CVE-2021-3927
2021-12-06 15:16:35
Fix of CVE: CVE-2021-3778, CVE-2021-3796
2021-10-11 15:13:49
Fix of CVE: CVE-2021-3778, CVE-2021-3796
2021-10-20 15:51:58
mageia
mageia
Updated vim packages fix security vulnerability
2021-10-21 00:28:32
Updated vim packages fix security vulnerability
2021-12-03 21:45:31
Updated vim packages fix security vulnerability
2021-12-08 23:04:18
f5
f5
ibm
ibm
ubuntu
ubuntu
Vim vulnerabilities
2021-11-15 00:00:00
Vim vulnerabilities
2021-09-28 00:00:00
Vim vulnerabilities
2022-06-02 00:00:00
cloudfoundry
cloudfoundry
USN-5093-1: Vim vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
USN-5247-1: Vim vulnerabilities | Cloud Foundry
2022-03-15 00:00:00
debian
debian
[SECURITY] [DLA 2947-1] vim security update
2022-03-11 22:50:56
[SECURITY] [DLA 2876-1] vim security update
2022-01-10 21:50:21
photon
photon
Important Photon OS Security Update - PHSA-2021-0430
2021-12-21 00:00:00
Critical Photon OS Security Update - PHSA-2022-0344
2022-01-11 00:00:00
ubuntucve
ubuntucve
amazon
amazon
debiancve
debiancve
redhatcve
redhatcve
cnvd
cnvd
Vim Resource Management Error Vulnerability (CNVD-2022-03944)
2022-01-14 00:00:00
Vim Buffer Overflow Vulnerability (CNVD-2022-05070)
2021-11-08 00:00:00
vim buffer overflow vulnerability (CNVD-2022-20799)
2022-01-27 00:00:00
alpinelinux
alpinelinux
veracode
veracode
Null Pointer Dereference
2022-01-23 17:56:37
Denial Of Service (DoS)
2021-11-23 02:49:39
Denial Of Service (DoS)
2021-11-23 02:49:41
cve
cve
prion
prion
Heap overflow
2021-11-05 15:15:00
Design/Logic Flaw
2021-09-15 13:15:00
Design/Logic Flaw
2021-11-05 15:15:00
cbl_mariner
cbl_mariner
CVE-2021-3927 affecting package vim 8.2.3564-2
2021-12-17 20:09:33
CVE-2021-3928 affecting package vim 8.2.3564-2
2021-12-17 20:09:33
CVE-2021-3796 affecting package vim 8.1.1667-1
2021-11-03 19:21:17
huntr
huntr
Use of Uninitialized Variable in vim/vim
2021-10-29 09:48:03
in vim/vim
2022-01-23 17:21:55
Heap-based Buffer Overflow in vim/vim
2021-10-26 21:52:33