Lucene search

K
redhatcveRedhat.comRH:CVE-2022-3099
HistorySep 05, 2022 - 5:28 a.m.

CVE-2022-3099

2022-09-0505:28:48
redhat.com
access.redhat.com
25
vim
use-after-free
do_cmdline()
vulnerability
crash
code execution
memory corruption
untrusted scripts

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

40.9%

A use-after-free vulnerability was found in vim’s do_cmdline() function of the src/ex_docmd.c file. The issue triggers when an invalid line number on :for is ignored. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering use-after-free that causes an application to crash, possibly executing code and corrupting memory.

Mitigation

Untrusted vim scripts with -s [scriptin] are not recommended to run.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

40.9%