Vulnerability CVE-2022-0943: Information

Description

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-0943

Published: March 15, 2022

Modified: Nov. 7, 2023

Error type identifier: CWE-122

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
vim	sisyphus	8.2.4747-alt1	9.1.0050-alt3	ALT-PU-2022-1693-1	298397	Fixed
vim	sisyphus_e2k	8.2.4784-alt1	9.1.0050-alt3	ALT-PU-2022-4810-1	-	Fixed
vim	sisyphus_riscv64	8.2.4747-alt1	9.1.0050-alt3	ALT-PU-2022-4604-1	-	Fixed
vim	p10	8.2.4784-alt1	9.1.0050-alt3	ALT-PU-2022-1731-1	298398	Fixed
vim	p10_e2k	8.2.4784-alt1	9.1.0050-alt3	ALT-PU-2022-4676-1	-	Fixed
vim	p9	8.2.4784-alt1	9.0.0827-alt1	ALT-PU-2022-1771-1	298486	Fixed
vim	p9_e2k	8.2.5019-alt1	9.0.0827-alt1	ALT-PU-2022-5186-1	-	Fixed
vim	c10f1	8.2.4784-alt1	9.1.0050-alt2	ALT-PU-2022-1731-1	298398	Fixed
vim	c9f2	8.2.4747-alt1	9.1.0050-alt2	ALT-PU-2022-1711-1	298484	Fixed
vim	p11	8.2.4747-alt1	9.1.0050-alt3	ALT-PU-2022-1693-1	298397	Fixed

Hyperlink	Resource
https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3	Patch Third Party Advisory
https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1	Exploit Third Party Advisory
[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update	Mailing List Third Party Advisory
GLSA-202208-32	Third Party Advisory
https://support.apple.com/kb/HT213488	Release Notes Third Party Advisory
20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13	Mailing List Release Notes Third Party Advisory
20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13	Mailing List Third Party Advisory
[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update	Mailing List Third Party Advisory
FEDORA-2022-b718ebbfce
FEDORA-2022-e62adccfca

Version: v24.5.3