vim is vulnerable to denial of service. The vulnerability exists due to the use after free in the qf_update_buffer
function of quickfix.c
, allowing an attacker to cause an application crash through malicious input.
seclists.org/fulldisclosure/2023/Jan/19
github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
lists.debian.org/debian-lts-announce/2022/11/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK/
lists.fedoraproject.org/archives/list/[email protected]/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/
lists.fedoraproject.org/archives/list/[email protected]/message/JYEK5RNMH7MVQH6RPBKLSCCA6NMIKHDV/
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202305-16
security.netapp.com/advisory/ntap-20221223-0004/
support.apple.com/kb/HT213605
vuldb.com/?id.212324