-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.6148
                            vim security update
                             25 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           vim
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-3352 CVE-2022-3256 CVE-2022-3235
                   CVE-2022-2129 CVE-2022-2000 CVE-2022-1942
                   CVE-2022-1897 CVE-2022-1785 CVE-2022-1621
                   CVE-2022-1619 CVE-2022-0696 CVE-2022-0629
                   CVE-2022-0392 CVE-2022-0318 

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html

Comment: CVSS (Max):  9.8 CVE-2022-0318 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3204-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                        Helmut Grohne
November 24, 2022                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : vim
Version        : 2:8.1.0875-5+deb10u4
CVE ID         : CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696
                 CVE-2022-1619 CVE-2022-1621 CVE-2022-1785 CVE-2022-1897
                 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235
                 CVE-2022-3256 CVE-2022-3352

This update fixes multiple memory access violations in vim.

CVE-2022-0318

    Heap-based Buffer Overflow

CVE-2022-0392

    Heap-based Buffer Overflow

CVE-2022-0629

    Stack-based Buffer Overflow

CVE-2022-0696

    NULL Pointer Dereference

CVE-2022-1619

    Heap-based Buffer Overflow in function cmdline_erase_chars. This
    vulnerability is capable of crashing software, modifying memory, and
    possibly allowing remote execution.

CVE-2022-1621

    Heap buffer overflow in vim_strncpy find_word. This vulnerability is
    capable of crashing software, bypassing a protection mechanism,
    modifying memory, and possibly allowing remote execution.

CVE-2022-1785

    Out-of-bounds Write

CVE-2022-1897

    Out-of-bounds Write

CVE-2022-1942

    Heap-based Buffer Overflow

CVE-2022-2000

    Out-of-bounds Write

CVE-2022-2129

    Out-of-bounds Write

CVE-2022-3235

    Use After Free

CVE-2022-3256

    Use After Free

CVE-2022-3352

    Use After Free

For Debian 10 buster, these problems have been fixed in version
2:8.1.0875-5+deb10u4.

We recommend that you upgrade your vim packages.
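The fixed version above is only actionable if you can tell which hosts are still below it, and Debian version strings (epoch, upstream part, revision, with "~" sorting before everything) cannot be compared as plain strings or floats. The following is an added example, not part of the Debian advisory or the AusCERT bulletin: it reimplements the dpkg version-ordering rules in pure Python and uses them to triage a constructed host inventory against the buster fixed version 2:8.1.0875-5+deb10u4 quoted in the advisory. The hostnames and installed versions are constructed sample data; on a real host the installed version is what `dpkg-query -W -f='${Version}' vim` prints.

```python
"""Triage installed vim versions against the DLA-3204-1 fixed version.

Added example (not part of the advisory): a pure-Python port of the dpkg
version-comparison rules, so an inventory exported from many hosts can be
checked offline without dpkg on the analysis box.
"""

# Fixed version for Debian 10 buster, taken from the advisory text.
FIXED_VERSION = "2:8.1.0875-5+deb10u4"

_DIGITS = "0123456789"


def _order(c):
    """Sort weight of one character inside a non-digit run, as dpkg defines
    it: '~' sorts before anything (even end of string, weight 0), letters
    sort before non-letters, and every other character comes last."""
    if c in _DIGITS:
        return 0
    if c.isascii() and c.isalpha():
        return ord(c)
    if c == "~":
        return -1
    return ord(c) + 256


def _verrevcmp(a, b):
    """Compare two version fragments (upstream part or revision) by alternating
    non-digit runs (character-wise via _order) and digit runs (numerically).
    Returns a negative, zero or positive number."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit run: compare character by character; end of string is 0.
        while (i < len(a) and a[i] not in _DIGITS) or (j < len(b) and b[j] not in _DIGITS):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit run: drop leading zeros, then the longer run wins, otherwise
        # the first differing digit decides.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i] in _DIGITS and j < len(b) and b[j] in _DIGITS:
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i] in _DIGITS:
            return 1
        if j < len(b) and b[j] in _DIGITS:
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(version):
    """Split '[epoch:]upstream[-revision]': epoch defaults to 0 and the
    revision is everything after the LAST hyphen (upstream may contain '-')."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    upstream, sep, revision = version.rpartition("-")
    if not sep:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as Debian version a is older than, equal to, or newer
    than b: epoch first, then upstream part, then revision."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    r = _verrevcmp(ua, ub)
    if r == 0:
        r = _verrevcmp(ra, rb)
    return (r > 0) - (r < 0)


def is_fixed(installed, fixed=FIXED_VERSION):
    """True when the installed version is at or above the fixed version."""
    return compare_versions(installed, fixed) >= 0


# Constructed sample inventory (hostname -> installed vim version), the kind
# of data you would collect with `dpkg-query -W -f='${Version}' vim`.
SAMPLE_INVENTORY = {
    "build01": "2:8.1.0875-5+deb10u3",  # previous buster security update
    "build02": "2:8.1.0875-5+deb10u4",  # exactly the fixed version
    "build03": "2:8.1.0875-5",          # original buster release, never updated
    "build04": "2:8.1.0875-5~bpo10+1",  # hypothetical: '~' sorts below everything
    "bastion": "1:8.1.0875-5+deb10u4",  # lower epoch loses despite identical digits
}


def triage(inventory, fixed=FIXED_VERSION):
    """Return a host-sorted list of (host, version, status) with status
    'fixed' or 'VULNERABLE' relative to the fixed version."""
    return sorted(
        (host, ver, "fixed" if is_fixed(ver, fixed) else "VULNERABLE")
        for host, ver in inventory.items()
    )


if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {ver:26} {status}")
```

Note that the comparison is against the buster fixed version only: a host on another suite (for example a newer 2:8.2.x package) compares as "fixed" here simply because its upstream part is higher, so check such hosts against their own suite's entry on the security tracker page linked below rather than against this number.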

For the detailed security status of vim please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vim

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================