#VU63048 Out-of-bounds write in Vim - CVE-2021-4019

Vulnerability identifier: #VU63048

Vulnerability risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-4019

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Vim
Client/Desktop applications / Software for system administration

Vendor: Vim.org

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Vim: 8.2.0 - 8.2.3668

---

External links
https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142
https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
https://www.openwall.com/lists/oss-security/2022/01/15/1
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.