USN-5995-1

Source
https://ubuntu.com/security/notices/USN-5995-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5995-1.json
Related
Published
2023-04-04T08:58:38.806133Z
Modified
2023-04-04T08:58:38.806133Z
Details

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2345, CVE-2022-2581)

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923)

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927, CVE-2022-2344)

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2946)

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2980)

References

Affected packages

Ubuntu:22.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.2.3995-1ubuntu2.5

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "vim-doc": "2:8.2.3995-1ubuntu2.5",
            "vim-athena": "2:8.2.3995-1ubuntu2.5",
            "vim-gui-common": "2:8.2.3995-1ubuntu2.5",
            "vim": "2:8.2.3995-1ubuntu2.5",
            "vim-tiny": "2:8.2.3995-1ubuntu2.5",
            "vim-common": "2:8.2.3995-1ubuntu2.5",
            "vim-runtime": "2:8.2.3995-1ubuntu2.5",
            "vim-gtk3": "2:8.2.3995-1ubuntu2.5",
            "vim-gtk": "2:8.2.3995-1ubuntu2.5",
            "xxd": "2:8.2.3995-1ubuntu2.5",
            "vim-nox": "2:8.2.3995-1ubuntu2.5"
        }
    ]
}

Ubuntu:18.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.0.1453-1ubuntu1.12

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "vim-doc": "2:8.0.1453-1ubuntu1.12",
            "vim-athena": "2:8.0.1453-1ubuntu1.12",
            "vim-gnome": "2:8.0.1453-1ubuntu1.12",
            "vim-gui-common": "2:8.0.1453-1ubuntu1.12",
            "vim": "2:8.0.1453-1ubuntu1.12",
            "vim-tiny": "2:8.0.1453-1ubuntu1.12",
            "vim-common": "2:8.0.1453-1ubuntu1.12",
            "vim-runtime": "2:8.0.1453-1ubuntu1.12",
            "vim-gtk3": "2:8.0.1453-1ubuntu1.12",
            "vim-gtk": "2:8.0.1453-1ubuntu1.12",
            "xxd": "2:8.0.1453-1ubuntu1.12",
            "vim-nox": "2:8.0.1453-1ubuntu1.12"
        }
    ]
}

Ubuntu:20.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.1.2269-1ubuntu5.13

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "vim-doc": "2:8.1.2269-1ubuntu5.13",
            "vim-athena": "2:8.1.2269-1ubuntu5.13",
            "vim-gui-common": "2:8.1.2269-1ubuntu5.13",
            "vim": "2:8.1.2269-1ubuntu5.13",
            "vim-tiny": "2:8.1.2269-1ubuntu5.13",
            "vim-common": "2:8.1.2269-1ubuntu5.13",
            "vim-runtime": "2:8.1.2269-1ubuntu5.13",
            "vim-gtk3": "2:8.1.2269-1ubuntu5.13",
            "vim-gtk": "2:8.1.2269-1ubuntu5.13",
            "xxd": "2:8.1.2269-1ubuntu5.13",
            "vim-nox": "2:8.1.2269-1ubuntu5.13"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:7.4.052-1ubuntu3.1+esm8

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "vim-doc": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-gnome": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-gui-common": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-lesstif": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-tiny": "2:7.4.052-1ubuntu3.1+esm8",
            "vim": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-common": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-runtime": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-athena": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-gtk": "2:7.4.052-1ubuntu3.1+esm8",
            "vim-nox": "2:7.4.052-1ubuntu3.1+esm8"
        }
    ]
}