MGASA-2022-0223

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0223.html

Import Source

https://advisories.mageia.org/MGASA-2022-0223.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0223

Related

CVE-2022-1851
CVE-2022-1886
CVE-2022-1897
CVE-2022-1898
CVE-2022-1927
CVE-2022-1942

Published

2022-06-09T20:49:47Z

Modified

2022-06-09T20:06:44Z

Summary

Updated vim packages fix security vulnerability

Details

out-of-bounds read in gcharcursor() in misc1.c (CVE-2022-1851) use-after-free in findpatterninpath() in search.c (CVE-2022-1898) out-of-bounds write in vimregsubboth() in regexp.c (CVE-2022-1897) buffer over-read in utfptr2char() in mbyte.c (CVE-2022-1927 ) out of bounds write in vimregsubboth() (CVE-2022-1942) heap-based buffer overflow in function utfhead_off (CVE-2022-1886)

References

https://advisories.mageia.org/MGASA-2022-0223.html
https://bugs.mageia.org/show_bug.cgi?id=30503
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0223

Affected packages