USN-6420-1

Source
https://ubuntu.com/security/notices/USN-6420-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6420-1.json
Related
Published
2023-10-09T04:10:20.701256Z
Modified
2023-10-09T04:10:20.701256Z
Details

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3235, CVE-2022-3278, CVE-2022-3297, CVE-2022-3491)

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3352, CVE-2022-4292)

It was discovered that Vim incorrectly handled memory when replacing in virtualedit mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3234)

It was discovered that Vim incorrectly handled memory when autocmd changes mark. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3256)

It was discovered that Vim did not properly perform checks on array index with negative width window. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-3324)

It was discovered that Vim did not properly perform checks on a put command column with a visual block. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3520)

It was discovered that Vim incorrectly handled memory when using autocommand to open a window. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3591)

It was discovered that Vim incorrectly handled memory when updating buffer of the component autocmd handler. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3705)

It was discovered that Vim incorrectly handled floating point comparison with incorrect operator. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. and Ubuntu 22.04 LTS. (CVE-2022-4293)

References

Affected packages

Ubuntu:Pro:18.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.0.1453-1ubuntu1.13+esm5

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "vim-doc": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-athena": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-gnome": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-gui-common": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-tiny": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-common": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-runtime": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-gtk3": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-gtk": "2:8.0.1453-1ubuntu1.13+esm5",
            "xxd": "2:8.0.1453-1ubuntu1.13+esm5",
            "vim-nox": "2:8.0.1453-1ubuntu1.13+esm5"
        }
    ]
}

Ubuntu:20.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.1.2269-1ubuntu5.18

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "vim-doc": "2:8.1.2269-1ubuntu5.18",
            "vim-athena": "2:8.1.2269-1ubuntu5.18",
            "vim-gui-common": "2:8.1.2269-1ubuntu5.18",
            "vim": "2:8.1.2269-1ubuntu5.18",
            "vim-tiny": "2:8.1.2269-1ubuntu5.18",
            "vim-common": "2:8.1.2269-1ubuntu5.18",
            "vim-runtime": "2:8.1.2269-1ubuntu5.18",
            "vim-gtk3": "2:8.1.2269-1ubuntu5.18",
            "vim-gtk": "2:8.1.2269-1ubuntu5.18",
            "xxd": "2:8.1.2269-1ubuntu5.18",
            "vim-nox": "2:8.1.2269-1ubuntu5.18"
        }
    ]
}

Ubuntu:22.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:8.2.3995-1ubuntu2.12

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "vim-doc": "2:8.2.3995-1ubuntu2.12",
            "vim-athena": "2:8.2.3995-1ubuntu2.12",
            "vim-gui-common": "2:8.2.3995-1ubuntu2.12",
            "vim": "2:8.2.3995-1ubuntu2.12",
            "vim-tiny": "2:8.2.3995-1ubuntu2.12",
            "vim-common": "2:8.2.3995-1ubuntu2.12",
            "vim-runtime": "2:8.2.3995-1ubuntu2.12",
            "vim-gtk3": "2:8.2.3995-1ubuntu2.12",
            "vim-gtk": "2:8.2.3995-1ubuntu2.12",
            "xxd": "2:8.2.3995-1ubuntu2.12",
            "vim-nox": "2:8.2.3995-1ubuntu2.12"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / vim

Package

Name
vim

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2:7.4.052-1ubuntu3.1+esm13

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "vim-doc": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-gnome": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-gui-common": "2:7.4.052-1ubuntu3.1+esm13",
            "vim": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-tiny": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-lesstif": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-common": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-runtime": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-athena": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-gtk": "2:7.4.052-1ubuntu3.1+esm13",
            "vim-nox": "2:7.4.052-1ubuntu3.1+esm13"
        }
    ]
}