Vulnerability CVE-2022-2581: Information

Description

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-2581

Published: Aug. 1, 2022

Modified: Aug. 5, 2022

Error type identifier: CWE-125

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
vim	sisyphus	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-2600-1	304834	Fixed
vim	sisyphus_e2k	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-6151-1	-	Fixed
vim	sisyphus_riscv64	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-6155-1	-	Fixed
vim	p10	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-2637-1	306790	Fixed
vim	p10_e2k	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-6266-1	-	Fixed
vim	p9	9.0.0827-alt1	9.0.0827-alt1	ALT-PU-2022-3192-1	309683	Fixed
vim	p9_e2k	9.0.0827-alt1	9.0.0827-alt1	ALT-PU-2022-7361-1	-	Fixed
vim	c10f1	9.0.0143-alt1	9.1.0050-alt2	ALT-PU-2022-2637-1	306790	Fixed
vim	c9f2	9.0.0143-alt1	9.1.0050-alt2	ALT-PU-2022-2659-1	306789	Fixed
vim	p11	9.0.0143-alt1	9.1.0050-alt3	ALT-PU-2022-2600-1	304834	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b	Exploit Patch Third Party Advisory
https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88	Patch Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
  End excliding
  9.0.0104

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla

Version: v24.5.3