CVE-2017-17087 — Resource Exposure in VIM

CWE-668 — Resource Exposure CWE-266 — Incorrect Privilege Assignment11 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.2%

top 63.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM Canonical Ubuntu Linux +1 more

Timeline

PublishedDec 1

Latest updateMay 13

Description

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDvim/vim< 8.0.1263

▶debiandebian/vim< vim 2:8.0.1401-1 (bookworm)

▶Debianvim/vim< 2:8.0.1401-1+3

▶Ubuntuvim/vim< 2:7.4.1689-3ubuntu1.5+5

Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 16.04, 18.04

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-fmc8-f7rh-x4p9: fileio↗2022-05-13

▶

OSV

vim vulnerabilities↗2021-11-15

▶

OSV

vim vulnerabilities↗2020-10-14

▶

OSV

CVE-2017-17087: fileio↗2017-12-01

▶

📋Vendor Advisories

Ubuntu

Vim vulnerabilities↗2021-11-15

▶

Ubuntu

Vim vulnerabilities↗2020-10-14

▶

Red Hat

vim: Sets the group ownership of a .swp file to the editor's primary group↗2017-11-04

▶

Debian

CVE-2017-17087: vim - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the...↗2017

▶

💬Community

Bugzilla

CVE-2017-17087 vim: Sets the group ownership of a .swp file to the editor's primary group↗2017-12-11

▶

Bugzilla

CVE-2017-17087 vim: Sets the group ownership of a .swp file to the editor's primary group [fedora-26]↗2017-12-11

▶