SUSE update for vim



Published: 2024-03-07
Risk High
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2023-4750
CVE-2023-48231
CVE-2023-48232
CVE-2023-48233
CVE-2023-48234
CVE-2023-48235
CVE-2023-48236
CVE-2023-48237
CVE-2023-48706
CVE-2024-22667
CWE-ID CWE-416
CWE-190
CWE-121
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
SUSE Linux Enterprise Server for SAP Applications 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 12
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 12
Operating systems & Components / Operating system

vim-data-common
Operating systems & Components / Operating system package or component

vim-data
Operating systems & Components / Operating system package or component

vim
Operating systems & Components / Operating system package or component

gvim-debuginfo
Operating systems & Components / Operating system package or component

vim-debuginfo
Operating systems & Components / Operating system package or component

vim-debugsource
Operating systems & Components / Operating system package or component

gvim
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU80505

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4750

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the is_qf_win() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU83392

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48231

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when closing the window. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Integer overflow

EUVDB-ID: #VU83391

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48232

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Integer overflow

EUVDB-ID: #VU83390

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48233

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow if the count after the :s command is larger than what fits into a (signed) long variable. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Integer overflow

EUVDB-ID: #VU83389

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48234

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when using the z= command. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU83388

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48235

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when parsing relative ex addresses. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Integer overflow

EUVDB-ID: #VU83387

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48236

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when using the z= command. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Integer overflow

EUVDB-ID: #VU83386

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48237

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when shifting lines in operator pending mode. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU83442

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48706

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the ex_substitute() function in src/charset.c when executing the ":s" command. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and crash the application.


Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Stack-based buffer overflow

EUVDB-ID: #VU87189

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22667

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the did_set_langmap() function in map.c. A remote attacker can trick the victim to open a specially crafted file, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package vim to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

vim-data-common: before 9.1.0111-17.29.1

vim-data: before 9.1.0111-17.29.1

vim: before 9.1.0111-17.29.1

gvim-debuginfo: before 9.1.0111-17.29.1

vim-debuginfo: before 9.1.0111-17.29.1

vim-debugsource: before 9.1.0111-17.29.1

gvim: before 9.1.0111-17.29.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240783-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###