CVE-2024-43802 — Heap-based Buffer Overflow in Azl3 VIM 9.1.0697-1 ON Azure Linux 3.0

CWE-122 — Heap-based Buffer Overflow7 documents6 sources

Severity

4.5MEDIUMNVD

EPSS

0.1%

top 76.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM Msrc Azl3 VIM 9.1.0697-1 ON Azure Linux 3.0 +7 more

Timeline

PublishedAug 26

Latest updateOct 16

Description

Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enou…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 1.0 | Impact: 3.4

Affected Packages11 packages

▶msrcmsrc/azl3_vim_9.1.0697-1_on_azure_linux_3.0

▶msrcmsrc/cbl2_vim_9.1.0697-1_on_cbl_mariner_2.0

▶CVEListV5vim/vim< 9.1.0697

▶debiandebian/vim< vim 2:9.0.1378-2+deb12u1 (bookworm)

▶Debianvim/vim< 2:8.2.2434-3+deb11u2+3

🔴Vulnerability Details

OSV

CVE-2024-43802: Vim is an improved version of the unix vi text editor↗2024-08-26

▶

📋Vendor Advisories

Ubuntu

Vim vulnerability↗2024-10-16

▶

Ubuntu

Vim vulnerability↗2024-10-01

▶

Red Hat

vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling↗2024-08-26

▶

Microsoft

heap-buffer-overflow in ins_typebuf() in Vim < 9.1.0697↗2024-08-13

▶

Debian

CVE-2024-43802: vim - Vim is an improved version of the unix vi text editor. When flushing the typeahe...↗2024

▶