CVE-2023-4750
Published: September 4, 2023Last modified: September 5, 2023
Description
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.8 |
Attack Vector | LOCAL |
Attack complexity | LOW |
Privileges required | NONE |
User interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | 23 LTS | vim | Vulnerable (9.0.0999-r0) |
Stream | vim | Fixed (9.0.2127-r0) |
References
- http://seclists.org/fulldisclosure/2023/Oct/24
- https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed
- https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea
- https://lists.fedoraproject.org/archives/list/[email protected]/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/
- https://support.apple.com/kb/HT213984