First published: Mon May 09 2022
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, bypassing protection mechanisms, modifying memory, and possibly remote execution.
Credit: CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 CVE-2022-0554 CVE-2022-0572 CVE-2022-0629 CVE-2022-0685 CVE-2022-0696 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1381 CVE-2022-1420 CVE-2022-1725 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 CVE-2022-1629 CVE-2022-1674 CVE-2022-1733 CVE-2022-1735 CVE-2022-1769 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Vim Vim | <8.2.4919 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Fedoraproject Fedora | =34 | |
Fedoraproject Fedora | =35 | |
Apple macOS | <13.0 | |
<13 | 13 | |
debian/vim | <=2:8.2.2434-3+deb11u1 | 2:9.0.1378-2 2:9.1.0861-1 |
The vulnerability ID is CVE-2022-1621.
The affected software includes Vim versions prior to 8.2.4919 on Ubuntu, Vim versions prior to 2:8.2.2434-3+deb11u1 on Debian, and Apple macOS Ventura version 13.
The severity of CVE-2022-1621 is high. It is capable of crashing software, bypassing protection mechanisms, modifying memory, and possibly remote execution.
To fix CVE-2022-1621 on Ubuntu, update Vim to version 8.2.4919.
To fix CVE-2022-1621 on Debian, update Vim to version 2:8.2.2434-3+deb11u1.