CVE-2024-41957 — Double Free in VIM

CWE-415 — Double Free9 documents7 sources

Severity

5.3MEDIUMNVD

EPSS

0.1%

top 68.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM Apple Macos Sequoia +8 more

Timeline

PublishedAug 1

Latest updateSep 16

Description

Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-defau…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages14 packages

▶NVDvim/vim< 9.1.0647

▶debiandebian/vim< vim 2:9.1.0698-1 (forky)

▶Alpinevim/vim< 9.1.0652-r0+3

▶Debianvim/vim< 2:9.1.0698-1+1

▶Ubuntuvim/vim< 2:8.1.2269-1ubuntu5.24+5

Patches

Patch: github.com ↗

🔴Vulnerability Details

OSV

vim vulnerabilities↗2024-09-05

▶

OSV

CVE-2024-41957: Vim is an open source command line text editor↗2024-08-01

▶

OSV

CVE-2024-41957: Vim is an open source command line text editor↗2024-08-01

▶

📋Vendor Advisories

Apple

CVE-2024-41957: macOS Sequoia 15↗2024-09-16

▶

Ubuntu

Vim vulnerabilities↗2024-09-05

▶

Microsoft

Vim double free in src/alloc.c:616↗2024-08-13

▶

Red Hat

vim: Double-free/use-after-free vulnerability with Vim editor↗2024-08-01

▶

Debian

CVE-2024-41957: vim - Vim is an open source command line text editor. Vim < v9.1.0647 has double free ...↗2024

▶