Lucene search

Veracode Vulnerability DatabaseVERACODE:44518

HistoryNov 30, 2023 - 8:26 p.m.

Use After Free

2023-11-3020:26:22

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vim

heap based

use after free

vulnerability

denial of service

dos

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

17.8%

JSON

Vim is vulnerable to Heap Based Use After Free. The vulnerability is caused when executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part causing a free-ing of the memory because of recursive :s call which may later be accessed by the initial :s command. This can lead to crash of Vim resulting in Denial Of Service (DOS). The attack will work reliably only for the very first :s command.

CPENameOperatorVersion
vim:edgeeq8.2.4708-r0
vim:edgeeq9.0.0369-r0
vim:edgeeq8.2.0-r0
vim:edgeeq8.2.3082-r0
vim:edgeeq9.0.1568-r0
vim:edgeeq9.0.1520-r0
vim:edgeeq9.0.1291-r0
vim:edgeeq9.0.0999-r0
vim:edgeeq9.0.1215-r0
vim:edgeeq9.0.1495-r0

Name	Operator	Version
vim:edge	eq	8.2.4708-r0
vim:edge	eq	9.0.0369-r0
vim:edge	eq	8.2.0-r0
vim:edge	eq	8.2.3082-r0
vim:edge	eq	9.0.1568-r0
vim:edge	eq	9.0.1520-r0
vim:edge	eq	9.0.1291-r0
vim:edge	eq	9.0.0999-r0
vim:edge	eq	9.0.1215-r0
vim:edge	eq	9.0.1495-r0