CLSA-2026-1777942724 vim: Fix of 3 CVEs

CVE-2021-3928: fix reading uninitialized memory in spell suggestions spellsuggest.c - CVE-2022-1616: fix buffer overflow in invalid command with composing chars exdocmd.c - CVE-2022-1620: fix NULL pointer dereference when using invalid pattern buffer.c...

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to the usage of invalid index when looking for spell suggestions which causes out-of-bound reads which then lead to an application crash...

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443

CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...

CLSA-2022-1645466182 Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443

CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...

CVE-2022-0408

A flaw was found in vim. The vulnerability occurs due to stack corruption when looking for spell suggestions and leads to a stack buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scripti...

CLSA-2021-1639681859 Fix CVE(s): CVE-2021-3927, CVE-2021-3928

SECURITY UPDATE: Fix heap-based buffer overflow when reading character past end of line - debian/patches/CVE-2021-3927.patch: Correct the cursor column in src/exdocmd.c. - CVE-2021-3927 SECURITY UPDATE: Fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestion...

CLSA-2021-1638803795 Fix of CVE: CVE-2021-3928, CVE-2021-3927

CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...

Fix of CVE: CVE-2021-3928, CVE-2021-3927

CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...

CLSA-2021-1637770001 Fixed CVEs in vim: CVE-2021-3928, CVE-2021-3927

CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...

Fix of CVE: CVE-2021-3928, CVE-2021-3927

CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...