usn-5458-1
Vulnerability from osv_ubuntu
Published
2022-06-02 12:21
Modified
2026-06-25 10:46
Summary
vim vulnerabilities
Details

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-4193)

It was discovered that Vim was not properly performing bounds checks when updating windows present on a screen, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0213)

It was discovered that Vim was incorrectly handling window exchanging operations when in Visual mode, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319)

It was discovered that Vim was incorrectly handling recursion when parsing conditional expressions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0351)

It was discovered that Vim was not properly handling memory allocation when processing data in Ex mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0359)

It was discovered that Vim was not properly performing bounds checks when executing line operations in Visual mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0361, CVE-2022-0368)

It was discovered that Vim was not properly handling loop conditions when looking for spell suggestions, which could result in a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0408)

It was discovered that Vim was incorrectly handling memory access when executing buffer operations, which could result in the usage of freed memory. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0443)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2021-4193",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0213",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0319",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0351",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0359",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0361",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0368",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0408",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0443",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "vim",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-athena",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-athena-py2",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-common",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gnome",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gnome-py2",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gtk",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gtk-py2",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gtk3",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gtk3-py2",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-gui-common",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-nox",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-nox-py2",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-runtime",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          },
          {
            "binary_name": "vim-tiny",
            "binary_version": "2:7.4.1689-3ubuntu1.5+esm5"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "vim",
        "purl": "pkg:deb/ubuntu/vim@2:7.4.1689-3ubuntu1.5+esm5?arch=source\u0026distro=esm-infra/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:7.4.1689-3ubuntu1.5+esm5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2:7.4.712-2ubuntu4",
        "2:7.4.826-1ubuntu1",
        "2:7.4.826-1ubuntu2",
        "2:7.4.826-1ubuntu3",
        "2:7.4.963-1ubuntu1",
        "2:7.4.963-1ubuntu4",
        "2:7.4.963-1ubuntu5",
        "2:7.4.1689-3ubuntu1",
        "2:7.4.1689-3ubuntu1.1",
        "2:7.4.1689-3ubuntu1.2",
        "2:7.4.1689-3ubuntu1.3",
        "2:7.4.1689-3ubuntu1.4",
        "2:7.4.1689-3ubuntu1.5",
        "2:7.4.1689-3ubuntu1.5+esm2",
        "2:7.4.1689-3ubuntu1.5+esm3",
        "2:7.4.1689-3ubuntu1.5+esm4"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that Vim was incorrectly handling virtual column\nposition operations, which could result in an out-of-bounds read. An\nattacker could possibly use this issue to expose sensitive\ninformation. (CVE-2021-4193)\n\nIt was discovered that Vim was not properly performing bounds checks\nwhen updating windows present on a screen, which could result in a\nheap buffer overflow. An attacker could possibly use this issue to\ncause a denial of service or execute arbitrary code. (CVE-2022-0213)\n\nIt was discovered that Vim was incorrectly handling window\nexchanging operations when in Visual mode, which could result in an\nout-of-bounds read. An attacker could possibly use this issue to\nexpose sensitive information. (CVE-2022-0319)\n\nIt was discovered that Vim was incorrectly handling recursion when\nparsing conditional expressions. An attacker could possibly use this\nissue to cause a denial of service or execute arbitrary code.\n(CVE-2022-0351)\n\nIt was discovered that Vim was not properly handling memory\nallocation when processing data in Ex mode, which could result in a\nheap buffer overflow. An attacker could possibly use this issue to\ncause a denial of service or execute arbitrary code.\n(CVE-2022-0359)\n\nIt was discovered that Vim was not properly performing bounds checks\nwhen executing line operations in Visual mode, which could result in\na heap buffer overflow. An attacker could possibly use this issue to\ncause a denial of service or execute arbitrary code.\n(CVE-2022-0361, CVE-2022-0368)\n\nIt was discovered that Vim was not properly handling loop conditions\nwhen looking for spell suggestions, which could result in a stack\nbuffer overflow. An attacker could possibly use this issue to cause\na denial of service or execute arbitrary code. (CVE-2022-0408)\n\nIt was discovered that Vim was incorrectly handling memory access\nwhen executing buffer operations, which could result in the usage of\nfreed memory. An attacker could possibly use this issue to execute\narbitrary code. (CVE-2022-0443)\n",
  "id": "USN-5458-1",
  "modified": "2026-06-25T10:46:06Z",
  "published": "2022-06-02T12:21:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-5458-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-4193"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0213"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0319"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0351"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0359"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0361"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0368"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0408"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0443"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "vim vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2021-4193",
    "UBUNTU-CVE-2022-0213",
    "UBUNTU-CVE-2022-0319",
    "UBUNTU-CVE-2022-0351",
    "UBUNTU-CVE-2022-0359",
    "UBUNTU-CVE-2022-0361",
    "UBUNTU-CVE-2022-0368",
    "UBUNTU-CVE-2022-0408",
    "UBUNTU-CVE-2022-0443"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…