What is CVE-2022-0554?

CVE-2022-0554 is a vulnerability in the GitHub repository vim/vim that allows the use of an out-of-range pointer offset.

How does CVE-2022-0554 impact Ubuntu?

CVE-2022-0554 affects Ubuntu versions vim 8.2.4327, vim 2:7.4.1689-3ubuntu1.5+, vim 2:8.0.1453-1ubuntu1.13, vim 2:8.1.2269-1ubuntu5.14, vim 2:8.2.3995-1ubuntu2.7, and vim 2:7.4.052-1ubuntu3.1+.

How can I fix CVE-2022-0554 on Ubuntu?

To fix CVE-2022-0554 on Ubuntu, update the vim package to version 8.2.4327, 2:7.4.1689-3ubuntu1.5+, 2:8.0.1453-1ubuntu1.13, 2:8.1.2269-1ubuntu5.14, 2:8.2.3995-1ubuntu2.7, or 2:7.4.052-1ubuntu3.1+.

Does macOS Ventura have a vulnerability to CVE-2022-0554?

Yes, macOS Ventura is vulnerable to CVE-2022-0554, and the recommended version to remediate the vulnerability is up to version 13.

What is the remedy for the vulnerability in Debian vim package to CVE-2022-0554?

The remedy for the vulnerability in the Debian vim package to CVE-2022-0554 is to update to versions 2:8.1.0875-5+deb10u5, 2:9.0.1378-2, or 2:9.0.1894-1.

Vulnerability/
CVE-2022-0554

high

8.4

CWE

823 119

10/2/2022

2/8/2024

CVE-2022-0554: Use of Out-of-range Pointer Offset in vim/vim

First published: Thu Feb 10 2022(Updated: )

Last updated 24 July 2024

Credit: security@huntr.dev security@huntr.dev

Affected Software	Affected Version	How to fix
Vim Vim	<8.2.4327
Fedoraproject Fedora	=34
Debian Debian Linux	=9.0
Debian Debian Linux	=10.0
Apple macOS	<13.0
	<13	13
debian/vim	<=2:8.2.2434-3+deb11u1	2:9.0.1378-2 2:9.1.0777-1 2:9.1.0861-1

Remedy

https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8

Remedy

https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

HT213488

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-42795
CVE-2022-48577
CVE-2022-32858
CVE-2022-32898
CVE-2022-32899
CVE-2022-46721
CVE-2022-47915
CVE-2022-47965
CVE-2022-32889
CVE-2022-32907
CVE-2022-32827
CVE-2022-32877
CVE-2022-42789
CVE-2022-42825
CVE-2022-46722
CVE-2022-32902
CVE-2022-32904
CVE-2022-32890
CVE-2022-42796
CVE-2022-42798
CVE-2022-32940
CVE-2022-42816
CVE-2022-42821
CVE-2022-42860
CVE-2022-42819
CVE-2022-42813
CVE-2022-26730
CVE-2022-32945
CVE-2022-42838
CVE-2022-48683
CVE-2022-22663
CVE-2022-32867
CVE-2022-32205
CVE-2022-32206
CVE-2022-32207
CVE-2022-32208
CVE-2022-42814
CVE-2022-32865
CVE-2022-32915
CVE-2022-32928
CVE-2022-22643
CVE-2022-32935
CVE-2022-42788
CVE-2022-48504
CVE-2022-32905
CVE-2022-42833
CVE-2022-32947
CVE-2022-42809
CVE-2022-3437
CVE-2022-32849
CVE-2022-32913
CVE-2022-32809
CVE-2022-1622
CVE-2022-32936
CVE-2022-42820
CVE-2022-42806
CVE-2022-32864
CVE-2022-32866
CVE-2022-32911
CVE-2022-32924
CVE-2022-32914
CVE-2022-42808
CVE-2022-32944
CVE-2022-42803
CVE-2022-32926
CVE-2022-42801
CVE-2022-46712
CVE-2022-42815
CVE-2022-42834
CVE-2022-46707
CVE-2022-32883
CVE-2022-32908
CVE-2022-42810
CVE-2021-39537
CVE-2022-29458
CVE-2022-42818
CVE-2022-32879
CVE-2022-32895
CVE-2022-46713
CVE-2022-42807
CVE-2022-32918
CVE-2022-42829
CVE-2022-42830
CVE-2022-42831
CVE-2022-42832
CVE-2022-32941
CVE-2022-28739
CVE-2022-32881
CVE-2022-32862
CVE-2022-32931
CVE-2022-42811
CVE-2022-42793
CVE-2022-32876
CVE-2022-32938
CVE-2022-42790
CVE-2022-32870
CVE-2022-32934
CVE-2022-42791
CVE-2021-36690
CVE-2022-48505
CVE-2022-26699
CVE-2022-0261
CVE-2022-0318
CVE-2022-0319
CVE-2022-0351
CVE-2022-0359
CVE-2022-0361
CVE-2022-0368
CVE-2022-0392
CVE-2022-0554
CVE-2022-0572
CVE-2022-0629
CVE-2022-0685
CVE-2022-0696
CVE-2022-0714
CVE-2022-0729
CVE-2022-0943
CVE-2022-1381
CVE-2022-1420
CVE-2022-1725
CVE-2022-1616
CVE-2022-1619
CVE-2022-1620
CVE-2022-1621
CVE-2022-1629
CVE-2022-1674
CVE-2022-1733
CVE-2022-1735
CVE-2022-1769
CVE-2022-1927
CVE-2022-1942
CVE-2022-1968
CVE-2022-1851
CVE-2022-1897
CVE-2022-1898
CVE-2022-1720
CVE-2022-2000
CVE-2022-2042
CVE-2022-2124
CVE-2022-2125
CVE-2022-2126
CVE-2022-42828
CVE-2022-32875
CVE-2022-42826
CVE-2022-32886
CVE-2022-32888
CVE-2022-32912
CVE-2022-42799
CVE-2022-42823
CVE-2022-42824
CVE-2022-32923
CVE-2022-32922
CVE-2022-32892
CVE-2022-32833
CVE-2022-46709
CVE-2022-37434
CVE-2022-42800

Frequently Asked Questions

What is CVE-2022-0554?
CVE-2022-0554 is a vulnerability in the GitHub repository vim/vim that allows the use of an out-of-range pointer offset.
How does CVE-2022-0554 impact Ubuntu?
CVE-2022-0554 affects Ubuntu versions vim 8.2.4327, vim 2:7.4.1689-3ubuntu1.5+, vim 2:8.0.1453-1ubuntu1.13, vim 2:8.1.2269-1ubuntu5.14, vim 2:8.2.3995-1ubuntu2.7, and vim 2:7.4.052-1ubuntu3.1+.
How can I fix CVE-2022-0554 on Ubuntu?
To fix CVE-2022-0554 on Ubuntu, update the vim package to version 8.2.4327, 2:7.4.1689-3ubuntu1.5+, 2:8.0.1453-1ubuntu1.13, 2:8.1.2269-1ubuntu5.14, 2:8.2.3995-1ubuntu2.7, or 2:7.4.052-1ubuntu3.1+.
Does macOS Ventura have a vulnerability to CVE-2022-0554?
Yes, macOS Ventura is vulnerable to CVE-2022-0554, and the recommended version to remediate the vulnerability is up to version 13.
What is the remedy for the vulnerability in Debian vim package to CVE-2022-0554?
The remedy for the vulnerability in the Debian vim package to CVE-2022-0554 is to update to versions 2:8.1.0875-5+deb10u5, 2:9.0.1378-2, or 2:9.0.1894-1.

collector/nvd-index
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/author
agent/weakness
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/description
agent/references
collector/apple-support
source/Apple
alias/CVE-2022-0318
alias/CVE-2022-0319
alias/CVE-2022-0351
alias/CVE-2022-0359
alias/CVE-2022-0361
alias/CVE-2022-0368
alias/CVE-2022-0392
alias/CVE-2022-0554
alias/CVE-2022-0572
alias/CVE-2022-0629
alias/CVE-2022-0685
alias/CVE-2022-0696
alias/CVE-2022-0714
alias/CVE-2022-0729
alias/CVE-2022-0943
alias/CVE-2022-1381
alias/CVE-2022-1420
alias/CVE-2022-1725
alias/CVE-2022-1616
alias/CVE-2022-1619
alias/CVE-2022-1620
alias/CVE-2022-1621
alias/CVE-2022-1629
alias/CVE-2022-1674
alias/CVE-2022-1733
alias/CVE-2022-1735
alias/CVE-2022-1769
alias/CVE-2022-1927
alias/CVE-2022-1942
alias/CVE-2022-1968
alias/CVE-2022-1851
alias/CVE-2022-1897
alias/CVE-2022-1898
alias/CVE-2022-1720
alias/CVE-2022-2000
alias/CVE-2022-2042
alias/CVE-2022-2124
alias/CVE-2022-2125
alias/CVE-2022-2126
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/title
agent/event
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/vim
canonical/vim vim
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/34
vendor/debian
canonical/debian debian linux
version/debian debian linux/9.0
version/debian debian linux/10.0
vendor/apple
canonical/apple macos
package-manager/debian

CVE-2022-0554: Use of Out-of-range Pointer Offset in vim/vim

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Peer vulnerabilities

Frequently Asked Questions

What is CVE-2022-0554?

How does CVE-2022-0554 impact Ubuntu?

How can I fix CVE-2022-0554 on Ubuntu?

Does macOS Ventura have a vulnerability to CVE-2022-0554?

What is the remedy for the vulnerability in Debian vim package to CVE-2022-0554?

Company

Resources

Contact