CVE-2023-48232 — Improper Handling of Exceptional Conditions in VIM

CWE-755 — Improper Handling of Exceptional Conditions8 documents7 sources

Severity

4.3MEDIUMNVD

CNA3.9OSV5.5

EPSS

0.1%

top 76.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Fedoraproject Fedora

Timeline

PublishedNov 16

Latest updateDec 14

Description

Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5vim/vim< 9.0.2107

▶NVDvim/vim< 9.0.2107

▶Debianvim/vim< 2:9.0.2116-1+1

▶Ubuntuvim/vim< 2:8.1.2269-1ubuntu5.21+4

Also affects: Fedora 37, 38, 39

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

vim vulnerabilities↗2023-12-14

▶

OSV

CVE-2023-48232: Vim is an open source command line text editor↗2023-11-16

▶

CVEList

Floating point Exception in adjust_plines_for_skipcol() in vim↗2023-11-16

▶

📋Vendor Advisories

Ubuntu

Vim vulnerabilities↗2023-12-14

▶

Red Hat

vim: floating point exception in adjust_plines_for_skipcol()↗2023-11-16

▶

Microsoft

Floating point Exception in adjust_plines_for_skipcol() in vim↗2023-11-14

▶

Debian

CVE-2023-48232: vim - Vim is an open source command line text editor. A floating point exception may o...↗2023

▶