- Vulnerability/
- USN-4309-1
USN-4309-1: Vim vulnerabilities
First published: Mon Mar 23 2020(Updated: )
It was discovered that Vim incorrectly handled certain sources. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS (CVE-2017-11109) It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. (CVE-2017-5953) It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.06 LTS. (CVE-2018-20786) It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-20079) It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2017-6349, CVE-2017-6350)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/vim | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Linux | =19.10 | |
| All of | ||
| ubuntu/vim-common | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Linux | =19.10 | |
| All of | ||
| ubuntu/vim-gui-common | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Linux | =19.10 | |
| All of | ||
| ubuntu/vim-runtime | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Linux | =19.10 | |
| All of | ||
| ubuntu/vim | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Linux | =18.04 | |
| All of | ||
| ubuntu/vim-common | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Linux | =18.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Linux | =18.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Linux | =18.04 | |
| All of | ||
| ubuntu/vim | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/vim | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/vim | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Linux | =12.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Linux | =12.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Linux | =12.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Linux | =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2017-11109
- https://ubuntu.com/security/CVE-2017-5953
- https://ubuntu.com/security/CVE-2017-6349
- https://ubuntu.com/security/CVE-2017-6350
- https://ubuntu.com/security/CVE-2018-20786
- https://ubuntu.com/security/CVE-2019-20079
- https://ubuntu.com/security/notices/USN-4016-1
- https://launchpad.net/ubuntu/+source/vim/2:8.1.0875-5ubuntu2.1
- https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.3
- https://launchpad.net/ubuntu/+source/vim/2:7.4.1689-3ubuntu1.4
- https://launchpad.net/ubuntu/+source/vim/2:7.4.052-1ubuntu3.1+esm1
- https://launchpad.net/ubuntu/+source/vim/2:7.3.429-2ubuntu2.3
- https://ubuntu.com/security/notices/USN-4309-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-4309-1?
The severity of USN-4309-1 is categorized as a denial of service vulnerability affecting specific versions of Vim.
How do I fix USN-4309-1?
To resolve USN-4309-1, upgrade Vim and related packages to the specified secure versions for your Ubuntu release.
Which versions of Ubuntu are affected by USN-4309-1?
USN-4309-1 affects Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, and Ubuntu 16.04 LTS.
What are the implications of USN-4309-1?
Exploitation of USN-4309-1 can lead to a denial of service condition, potentially disrupting service availability.
Is there a specific CVE associated with USN-4309-1?
Yes, USN-4309-1 is associated with the CVE-2017-11109 vulnerability.
- agent/type
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/title
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/usn
- source/Ubuntu
- anchor-related/USN-4016-1
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu linux
- version/ubuntu linux/19.10
- version/ubuntu linux/18.04
- version/ubuntu linux/16.04
- version/ubuntu linux/14.04
- version/ubuntu linux/12.04