{"id":"MGASA-2022-0203","summary":"Updated vim packages fix security vulnerability","details":"vim is vulnerable to out of bounds read (CVE-2022-0213)\nHeap-based Buffer Overflow in block_insert() in src/ops.c (CVE-2022-0261)\na heap-based OOB read of size 1 (CVE-2022-0128)\nheap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318)\naccess of memory location before start of buffer (CVE-2022-0351)\nheap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359)\nStack-based Buffer Overflow in spellsuggest.c (CVE-2022-0408)\nuse after free in src/ex_cmds.c (CVE-2022-0413)\nout-of-bounds read in delete_buff_tail() in getchar.c (CVE-2022-0393)\nheap-based-buffer-overflow in ex_retab() of src/indent.c (CVE-2022-0417)\nheap-use-after-free in enter_buffer() of src/buffer.c (CVE-2022-0443)\nheap overflow in ex_retab() may lead to crash (CVE-2022-0572)\nStack-based Buffer Overflow in vim prior to 8.2. (CVE-2022-0629)\nNULL Pointer Dereference in vim prior to 8.2 (CVE-2022-0696)\nbuffer overflow (CVE-2022-0714)\nUse of Out-of-range Pointer Offset (CVE-2022-0729)\nUse of Out-of-range Pointer Offset in vim (CVE-2022-0685)\nUse of Out-of-range Pointer Offset in vim (CVE-2022-0554)\nHeap-based Buffer Overflow occurs in vim (CVE-2022-0943)\nheap buffer overflow in get_one_sourceline (CVE-2022-1160)\nuse after free in utf_ptr2char (CVE-2022-1154)\nglobal heap buffer overflow in skip_range (CVE-2022-1381)\nOut-of-range Pointer Offset (CVE-2022-1420)\nheap-buffer-overflow in append_command of src/ex_docmd.c (CVE-2022-1616)\nheap-buffer-overflow in cmdline_erase_chars of ex_getln.c (CVE-2022-1619)\nNULL Pointer Dereference in vim_regexec_string() of regexp.c (CVE-2022-1620)\nheap buffer overflow (CVE-2022-1621)\nbuffer over-read (CVE-2022-1629)\nNULL pointer dereference in vim_regexec_string() of regexp.c (CVE-2022-1674)\na buffer over-read found in scriptfile.c (CVE-2022-1769)\nHeap-based Buffer Overflow in cindent.c (CVE-2022-1733)\n","modified":"2026-02-04T04:26:21.872634Z","published":"2022-05-25T18:46:18Z","related":["CVE-2022-0128","CVE-2022-0213","CVE-2022-0261","CVE-2022-0318","CVE-2022-0351","CVE-2022-0359","CVE-2022-0393","CVE-2022-0408","CVE-2022-0413","CVE-2022-0417","CVE-2022-0443","CVE-2022-0554","CVE-2022-0572","CVE-2022-0629","CVE-2022-0685","CVE-2022-0696","CVE-2022-0714","CVE-2022-0729","CVE-2022-0943","CVE-2022-1154","CVE-2022-1160","CVE-2022-1381","CVE-2022-1420","CVE-2022-1616","CVE-2022-1619","CVE-2022-1620","CVE-2022-1621","CVE-2022-1629","CVE-2022-1674","CVE-2022-1733","CVE-2022-1769"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0203.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29972"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7JBXG3MU6EZWJGJD6UTHHONHGJBYPQQT/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UCWG5L6CRQWACGVP7CYGESUB3G6QJ3GS/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/"},{"type":"REPORT","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FDNZ3N5S7UGKPUUKPGOQQGPJJK3YTW37/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/"},{"type":"REPORT","url":"https://www.debian.org/lts/security/2022/dla-3011"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083924"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/"}],"affected":[{"package":{"name":"vim","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/vim?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.2.4975-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0203.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}