发布时间: 2023年11月10日
修改时间: 2023年11月10日
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it s possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.
| NVD | openEuler | |
|---|---|---|
| CVSS评分 | 5.5 | 4.0 |
| Attack Vector | Local | Local |
| Attack Complexity | Low | Low |
| Privileges Required | Low | None |
| User Interaction | None | None |
| Scope | Unchanged | Unchanged |
| Confidentiality | None | None |
| Integrity | None | None |
| Availability | High | Low |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2023-1832 | vim security update | 2023年11月10日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | vim | Fixed |
| KY3.4-5A | vim | Fixed |
| KY3.5.1 | vim | Fixed |
| KY3.5.2 | vim | Fixed |
