#VU76670 Use of Out-of-range Pointer Offset in Vim - CVE-2023-2426

Cybersecurity Help s.r.o.

Published: 2023-05-30

Vulnerability identifier: #VU76670

Vulnerability risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2426

CWE-ID: CWE-823

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Vim
Client/Desktop applications / Software for system administration

Vendor: Vim.org

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to an out-of-range pointer offset within the mb_charlen() function in mbyte.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Vim: 9.0.0000, 9.0.0001, 9.0.0002, 9.0.0003, 9.0.0004, 9.0.0005, 9.0.0006, 9.0.0007, 9.0.0008, 9.0.0009, 9.0.0010, 9.0.0011, 9.0.0012, 9.0.0013, 9.0.0014, 9.0.0015, 9.0.0016, 9.0.0017, 9.0.0018, 9.0.0019, 9.0.0020, 9.0.0021, 9.0.0022, 9.0.0023, 9.0.0024, 9.0.0025, 9.0.0026, 9.0.0027, 9.0.0028, 9.0.0029, 9.0.0030, 9.0.0031, 9.0.0032, 9.0.0033, 9.0.0034, 9.0.0035, 9.0.0036, 9.0.0037, 9.0.0038, 9.0.0039, 9.0.0040, 9.0.0041, 9.0.0042, 9.0.0043, 9.0.0044, 9.0.0045, 9.0.0046, 9.0.0047, 9.0.0048, 9.0.0049, 9.0.0050, 9.0.0051, 9.0.0052, 9.0.0053, 9.0.0054, 9.0.0055, 9.0.0056, 9.0.0057, 9.0.0058, 9.0.0059, 9.0.0060, 9.0.0061, 9.0.0062, 9.0.0063, 9.0.0064, 9.0.0065, 9.0.0066, 9.0.0067, 9.0.0068, 9.0.0069, 9.0.0070, 9.0.0071, 9.0.0072, 9.0.0073, 9.0.0074, 9.0.0075, 9.0.0076, 9.0.0077, 9.0.0078, 9.0.0079, 9.0.0080, 9.0.0081, 9.0.0082, 9.0.0083, 9.0.0084, 9.0.0085, 9.0.0086, 9.0.0087, 9.0.0088, 9.0.0089, 9.0.0090, 9.0.0091, 9.0.0092, 9.0.0093, 9.0.0094, 9.0.0095, 9.0.0096, 9.0.0097, 9.0.0098, 9.0.0099, 9.0.0100, 9.0.0101, 9.0.0102, 9.0.0103, 9.0.0104, 9.0.0105, 9.0.0106, 9.0.0107, 9.0.0108, 9.0.0109, 9.0.0110, 9.0.0111, 9.0.0112, 9.0.0113, 9.0.0114, 9.0.0115, 9.0.0116, 9.0.0117, 9.0.0118, 9.0.0119, 9.0.0120, 9.0.0121, 9.0.0122, 9.0.0123, 9.0.0124, 9.0.0125, 9.0.0126, 9.0.0127, 9.0.0128, 9.0.0129, 9.0.0130, 9.0.0131, 9.0.0132, 9.0.0133, 9.0.0134, 9.0.0135, 9.0.0136, 9.0.0137, 9.0.0138, 9.0.0139, 9.0.0140, 9.0.0141, 9.0.0142, 9.0.0143, 9.0.0144, 9.0.0145, 9.0.0146, 9.0.0147, 9.0.0148, 9.0.0151, 9.0.0152, 9.0.0153, 9.0.0154, 9.0.0155, 9.0.0156, 9.0.0157, 9.0.0158, 9.0.0159, 9.0.0160, 9.0.0161, 9.0.0162, 9.0.0163, 9.0.0164, 9.0.0165, 9.0.0166, 9.0.0167, 9.0.0168, 9.0.0169, 9.0.0170, 9.0.0171, 9.0.0172, 9.0.0173, 9.0.0174, 9.0.0175, 9.0.0176, 9.0.0177, 9.0.0178, 9.0.0179, 9.0.0180, 9.0.0181, 9.0.0182, 9.0.0183, 9.0.0184, 9.0.0185, 9.0.0186, 9.0.0187, 9.0.0188, 9.0.0189, 9.0.0190, 9.0.0191, 9.0.0192, 9.0.0193, 9.0.0194, 9.0.0195, 9.0.0196, 9.0.0197, 9.0.0198, 9.0.0199, 9.0.0200, 9.0.0201, 9.0.0202, 9.0.0203, 9.0.0204, 9.0.0205, 9.0.0206, 9.0.0207, 9.0.0208, 9.0.0209, 9.0.0210, 9.0.0211, 9.0.0212, 9.0.0213, 9.0.0214, 9.0.0215, 9.0.0216, 9.0.0217, 9.0.0218, 9.0.0219, 9.0.0220, 9.0.0221, 9.0.0222, 9.0.0223, 9.0.0224, 9.0.0225, 9.0.0226, 9.0.0227, 9.0.0228, 9.0.0229, 9.0.0230, 9.0.0231, 9.0.0232, 9.0.0233, 9.0.0234, 9.0.0235, 9.0.0236, 9.0.0237, 9.0.0238, 9.0.0239, 9.0.0240, 9.0.0241, 9.0.0242, 9.0.0243, 9.0.0244, 9.0.0245, 9.0.0246, 9.0.0247, 9.0.0248, 9.0.0249, 9.0.0250, 9.0.0251, 9.0.0252, 9.0.0253, 9.0.0254, 9.0.0255, 9.0.0256, 9.0.0257, 9.0.0258, 9.0.0259, 9.0.0260, 9.0.0261, 9.0.0262, 9.0.0263, 9.0.0264, 9.0.0265, 9.0.0266, 9.0.0267, 9.0.0268, 9.0.0269, 9.0.0270, 9.0.0271, 9.0.0272, 9.0.0275, 9.0.0276, 9.0.0277, 9.0.0278, 9.0.0279, 9.0.0280, 9.0.0281, 9.0.0282, 9.0.0283, 9.0.0284, 9.0.0285, 9.0.0286, 9.0.0287, 9.0.0288, 9.0.0289, 9.0.0290, 9.0.0291, 9.0.0292, 9.0.0293, 9.0.0303, 9.0.0304, 9.0.0305, 9.0.0306, 9.0.0307, 9.0.0308, 9.0.0309, 9.0.0310, 9.0.0311, 9.0.0312, 9.0.0313, 9.0.0314, 9.0.0316, 9.0.0317, 9.0.0318, 9.0.0319, 9.0.0320, 9.0.0321, 9.0.0322, 9.0.0323, 9.0.0324, 9.0.0325, 9.0.0326, 9.0.0328, 9.0.0329, 9.0.0330, 9.0.0331, 9.0.0332, 9.0.0333, 9.0.0334, 9.0.0335, 9.0.0336, 9.0.0337, 9.0.0338, 9.0.0339, 9.0.0340, 9.0.0341, 9.0.0342, 9.0.0343, 9.0.0344, 9.0.0345, 9.0.0346, 9.0.0347, 9.0.0348, 9.0.0349, 9.0.0350, 9.0.0351, 9.0.0352, 9.0.0353, 9.0.0354, 9.0.0355, 9.0.0356, 9.0.0357, 9.0.0358, 9.0.0359, 9.0.0360, 9.0.0361, 9.0.0362, 9.0.0363, 9.0.0364, 9.0.0365, 9.0.0366, 9.0.0367, 9.0.0368, 9.0.0369, 9.0.0370, 9.0.0371, 9.0.0372, 9.0.0373, 9.0.0374, 9.0.0375, 9.0.0376, 9.0.0377, 9.0.0378, 9.0.0379, 9.0.0380, 9.0.0381, 9.0.0382, 9.0.0383, 9.0.0384, 9.0.0385, 9.0.0386, 9.0.0387, 9.0.0388, 9.0.0389, 9.0.0390, 9.0.0391, 9.0.0392, 9.0.0393, 9.0.0394, 9.0.0395, 9.0.0396, 9.0.0397, 9.0.0398, 9.0.0399, 9.0.0400, 9.0.0401, 9.0.0402, 9.0.0403, 9.0.0404, 9.0.0405, 9.0.0406, 9.0.0407, 9.0.0408, 9.0.0409, 9.0.0410, 9.0.0411, 9.0.0412, 9.0.0413, 9.0.0414, 9.0.0415, 9.0.0416, 9.0.0417, 9.0.0418, 9.0.0419, 9.0.0420, 9.0.0421, 9.0.0422, 9.0.0423, 9.0.0424, 9.0.0425, 9.0.0426, 9.0.0427, 9.0.0428, 9.0.0429, 9.0.0430, 9.0.0431, 9.0.0432, 9.0.0433, 9.0.0434, 9.0.0435, 9.0.0436, 9.0.0437, 9.0.0438, 9.0.0439, 9.0.0440, 9.0.0441, 9.0.0442, 9.0.0443, 9.0.0444, 9.0.0445, 9.0.0446, 9.0.0447, 9.0.0448, 9.0.0449, 9.0.0450, 9.0.0451, 9.0.0452, 9.0.0453, 9.0.0454, 9.0.0455, 9.0.0456, 9.0.0457, 9.0.0458, 9.0.0459, 9.0.0460, 9.0.0461, 9.0.0462, 9.0.0463, 9.0.0464, 9.0.0465, 9.0.0466, 9.0.0467, 9.0.0468, 9.0.0469, 9.0.0470, 9.0.0471, 9.0.0472, 9.0.0473, 9.0.0474, 9.0.0475, 9.0.0476, 9.0.0477, 9.0.0478, 9.0.0479, 9.0.0480, 9.0.0481, 9.0.0482, 9.0.0483, 9.0.0484, 9.0.0485, 9.0.0486, 9.0.0487, 9.0.0488, 9.0.0489, 9.0.0490, 9.0.0491, 9.0.0492, 9.0.0493, 9.0.0494, 9.0.0495, 9.0.0496, 9.0.0497, 9.0.0498, 9.0.0499, 9.0.0500, 9.0.0501, 9.0.0502, 9.0.0503, 9.0.0504, 9.0.0505, 9.0.0506, 9.0.0507, 9.0.0508, 9.0.0509, 9.0.0510, 9.0.0511, 9.0.0512, 9.0.0513, 9.0.0514, 9.0.0515, 9.0.0516, 9.0.0517, 9.0.0518, 9.0.0519, 9.0.0520, 9.0.0521, 9.0.0522, 9.0.0523, 9.0.0524, 9.0.0525, 9.0.0526, 9.0.0527, 9.0.0528, 9.0.0529, 9.0.0530, 9.0.0531, 9.0.0532, 9.0.0533, 9.0.0534, 9.0.0535, 9.0.0536, 9.0.0537, 9.0.0538, 9.0.0539, 9.0.0540, 9.0.0541, 9.0.0542, 9.0.0543, 9.0.0544, 9.0.0545, 9.0.0546, 9.0.0547, 9.0.0548, 9.0.0549, 9.0.0550, 9.0.0551, 9.0.0552, 9.0.0553, 9.0.0554, 9.0.0555, 9.0.0556, 9.0.0557, 9.0.0558, 9.0.0559, 9.0.0560, 9.0.0561, 9.0.0562, 9.0.0563, 9.0.0564, 9.0.0565, 9.0.0566, 9.0.0567, 9.0.0568, 9.0.0569, 9.0.0570, 9.0.0571, 9.0.0572, 9.0.0573, 9.0.0574, 9.0.0575, 9.0.0576, 9.0.0577, 9.0.0578, 9.0.0579, 9.0.0580, 9.0.0581, 9.0.0582, 9.0.0583, 9.0.0584, 9.0.0585, 9.0.0586, 9.0.0587, 9.0.0588, 9.0.0589, 9.0.0590, 9.0.0591, 9.0.0592, 9.0.0593, 9.0.0594, 9.0.0595, 9.0.0596, 9.0.0597, 9.0.0598, 9.0.0599, 9.0.0600, 9.0.0601, 9.0.0602, 9.0.0603, 9.0.0604, 9.0.0605, 9.0.0606, 9.0.0607, 9.0.0608, 9.0.0609, 9.0.0610, 9.0.0611, 9.0.0612, 9.0.0613, 9.0.0614, 9.0.0615, 9.0.0616, 9.0.0617, 9.0.0618, 9.0.0619, 9.0.0620, 9.0.0621, 9.0.0622, 9.0.0623, 9.0.0624, 9.0.0625, 9.0.0626, 9.0.0627, 9.0.0628, 9.0.0629, 9.0.0630, 9.0.0631, 9.0.0632, 9.0.0633, 9.0.0634, 9.0.0635, 9.0.0636, 9.0.0637, 9.0.0638, 9.0.0639, 9.0.0640, 9.0.0641, 9.0.0642, 9.0.0643, 9.0.0644, 9.0.0645, 9.0.0646, 9.0.0647, 9.0.0648, 9.0.0649, 9.0.0650, 9.0.0651, 9.0.0652, 9.0.0653, 9.0.0654, 9.0.0655, 9.0.0656, 9.0.0657, 9.0.0658, 9.0.0659, 9.0.0660, 9.0.0661, 9.0.0662, 9.0.0663, 9.0.0664, 9.0.0665, 9.0.0666, 9.0.0667, 9.0.0668, 9.0.0669, 9.0.0670, 9.0.0671, 9.0.0672, 9.0.0673, 9.0.0674, 9.0.0675, 9.0.0676, 9.0.0677, 9.0.0678, 9.0.0679, 9.0.0680, 9.0.0681, 9.0.0682, 9.0.0683, 9.0.0684, 9.0.0685, 9.0.0686, 9.0.0687, 9.0.0688, 9.0.0689, 9.0.0690, 9.0.0691, 9.0.0692, 9.0.0693, 9.0.0694, 9.0.0695, 9.0.0696, 9.0.0697, 9.0.0698, 9.0.0699, 9.0.0700, 9.0.0701, 9.0.0702, 9.0.0703, 9.0.0704, 9.0.0705, 9.0.0706, 9.0.0707, 9.0.0708, 9.0.0709, 9.0.0710, 9.0.0711, 9.0.0712, 9.0.0713, 9.0.0714, 9.0.0715, 9.0.0716, 9.0.0717, 9.0.0718, 9.0.0719, 9.0.0720, 9.0.0721, 9.0.0722, 9.0.0723, 9.0.0724, 9.0.0725, 9.0.0726, 9.0.0727, 9.0.0728, 9.0.0729, 9.0.0730, 9.0.0731, 9.0.0732, 9.0.0733, 9.0.0734, 9.0.0735, 9.0.0736, 9.0.0737, 9.0.0738, 9.0.0739, 9.0.0740, 9.0.0741, 9.0.0742, 9.0.0743, 9.0.0744, 9.0.0745, 9.0.0746, 9.0.0747, 9.0.0748, 9.0.0749, 9.0.0750, 9.0.0751, 9.0.0752, 9.0.0753, 9.0.0754, 9.0.0755, 9.0.0756, 9.0.0757, 9.0.0758, 9.0.0759, 9.0.0760, 9.0.0761, 9.0.0762, 9.0.0763, 9.0.0764, 9.0.0765, 9.0.0766, 9.0.0767, 9.0.0768, 9.0.0769, 9.0.0770, 9.0.0771, 9.0.0772, 9.0.0773, 9.0.0774, 9.0.0775, 9.0.0776, 9.0.0777, 9.0.0778, 9.0.0779, 9.0.0780, 9.0.0781, 9.0.0782, 9.0.0783, 9.0.0784, 9.0.0785, 9.0.0786, 9.0.0787, 9.0.0788, 9.0.0789, 9.0.0790, 9.0.0791, 9.0.0792, 9.0.0793, 9.0.0794, 9.0.0795, 9.0.0796, 9.0.0797, 9.0.0798, 9.0.0799, 9.0.0800, 9.0.0801, 9.0.0802, 9.0.0803, 9.0.0804, 9.0.0805, 9.0.0806, 9.0.0807, 9.0.0808, 9.0.0809, 9.0.0810, 9.0.0811, 9.0.0812, 9.0.0813, 9.0.0814, 9.0.0815, 9.0.0818, 9.0.0819, 9.0.0820, 9.0.0821, 9.0.0822, 9.0.0823, 9.0.0824, 9.0.0825, 9.0.0826, 9.0.0827, 9.0.0828, 9.0.0829, 9.0.0830, 9.0.0831, 9.0.0832, 9.0.0833, 9.0.0834, 9.0.0835, 9.0.0836, 9.0.0837, 9.0.0838, 9.0.0839, 9.0.0840, 9.0.0841, 9.0.0842, 9.0.0843, 9.0.0844, 9.0.0845, 9.0.0846, 9.0.0847, 9.0.0848, 9.0.0849, 9.0.0850, 9.0.0851, 9.0.0852, 9.0.0853, 9.0.0854, 9.0.0855, 9.0.0856, 9.0.0857, 9.0.0858, 9.0.0859, 9.0.0860, 9.0.0861, 9.0.0862, 9.0.0863, 9.0.0864, 9.0.0865, 9.0.0866, 9.0.0867, 9.0.0868, 9.0.0869, 9.0.0870, 9.0.0871, 9.0.0872, 9.0.0873, 9.0.0874, 9.0.0875, 9.0.0876, 9.0.0877, 9.0.0878, 9.0.0879, 9.0.0880, 9.0.0881, 9.0.0882, 9.0.0883, 9.0.0884, 9.0.0885, 9.0.0886, 9.0.0887, 9.0.0888, 9.0.0889, 9.0.0890, 9.0.0891, 9.0.0892, 9.0.0893, 9.0.0894, 9.0.0895, 9.0.0896, 9.0.0897, 9.0.0898, 9.0.0899, 9.0.0900, 9.0.0901, 9.0.0902, 9.0.0903, 9.0.0904, 9.0.0905, 9.0.0906, 9.0.0907, 9.0.0908, 9.0.0909, 9.0.0910, 9.0.0911, 9.0.0912, 9.0.0913, 9.0.0914, 9.0.0915, 9.0.0916, 9.0.0917, 9.0.0918, 9.0.0919, 9.0.0920, 9.0.0921, 9.0.0922, 9.0.0923, 9.0.0924, 9.0.0925, 9.0.0926, 9.0.0927, 9.0.0928, 9.0.0929, 9.0.0930, 9.0.0931, 9.0.0932, 9.0.0933, 9.0.0934, 9.0.0935, 9.0.0936, 9.0.0937, 9.0.0938, 9.0.0939, 9.0.0940, 9.0.0941, 9.0.0942, 9.0.0943, 9.0.0944, 9.0.0945, 9.0.0946, 9.0.0947, 9.0.0948, 9.0.0949, 9.0.0950, 9.0.0951, 9.0.0952, 9.0.0953, 9.0.0954, 9.0.0955, 9.0.0956, 9.0.0957, 9.0.0958, 9.0.0959, 9.0.0960, 9.0.0961, 9.0.0962, 9.0.0963, 9.0.0964, 9.0.0965, 9.0.0966, 9.0.0967, 9.0.0968, 9.0.0969, 9.0.0970, 9.0.0971, 9.0.0972, 9.0.0973, 9.0.0974, 9.0.0975, 9.0.0976, 9.0.0977, 9.0.0978, 9.0.0979, 9.0.0980, 9.0.0981, 9.0.0982, 9.0.0983, 9.0.0984, 9.0.0985, 9.0.0986, 9.0.0987, 9.0.0988, 9.0.0989, 9.0.0990, 9.0.0991, 9.0.0992, 9.0.0993, 9.0.0994, 9.0.0995, 9.0.0996, 9.0.0997, 9.0.0998, 9.0.0999, 9.0.1000, 9.0.1001, 9.0.1002, 9.0.1003, 9.0.1004, 9.0.1005, 9.0.1006, 9.0.1007, 9.0.1008, 9.0.1009, 9.0.1010, 9.0.1011, 9.0.1012, 9.0.1013, 9.0.1014, 9.0.1015, 9.0.1016, 9.0.1017, 9.0.1018, 9.0.1019, 9.0.1020, 9.0.1021, 9.0.1022, 9.0.1023, 9.0.1024, 9.0.1025, 9.0.1026, 9.0.1027, 9.0.1028, 9.0.1029, 9.0.1030, 9.0.1031, 9.0.1032, 9.0.1033, 9.0.1034, 9.0.1035, 9.0.1036, 9.0.1037, 9.0.1038, 9.0.1039, 9.0.1040, 9.0.1041, 9.0.1042, 9.0.1043, 9.0.1044, 9.0.1045, 9.0.1046, 9.0.1047, 9.0.1048, 9.0.1049, 9.0.1050, 9.0.1051, 9.0.1052, 9.0.1053, 9.0.1054, 9.0.1055, 9.0.1056, 9.0.1057, 9.0.1058, 9.0.1059, 9.0.1060, 9.0.1061, 9.0.1062, 9.0.1063, 9.0.1064, 9.0.1065, 9.0.1066, 9.0.1067, 9.0.1068, 9.0.1069, 9.0.1070, 9.0.1071, 9.0.1072, 9.0.1073, 9.0.1074, 9.0.1075, 9.0.1076, 9.0.1077, 9.0.1078, 9.0.1079, 9.0.1080, 9.0.1081, 9.0.1082, 9.0.1083, 9.0.1084, 9.0.1085, 9.0.1086, 9.0.1087, 9.0.1088, 9.0.1089, 9.0.1090, 9.0.1091, 9.0.1092, 9.0.1093, 9.0.1094, 9.0.1095, 9.0.1096, 9.0.1097, 9.0.1098, 9.0.1099, 9.0.1100, 9.0.1101, 9.0.1102, 9.0.1103, 9.0.1104, 9.0.1105, 9.0.1106, 9.0.1107, 9.0.1108, 9.0.1109, 9.0.1110, 9.0.1111, 9.0.1112, 9.0.1113, 9.0.1114, 9.0.1115, 9.0.1116, 9.0.1117, 9.0.1118, 9.0.1119, 9.0.1120, 9.0.1121, 9.0.1122, 9.0.1123, 9.0.1124, 9.0.1125, 9.0.1126, 9.0.1127, 9.0.1128, 9.0.1129, 9.0.1130, 9.0.1131, 9.0.1132, 9.0.1133, 9.0.1134, 9.0.1135, 9.0.1136, 9.0.1137, 9.0.1138, 9.0.1139, 9.0.1140, 9.0.1141, 9.0.1142, 9.0.1143, 9.0.1144, 9.0.1145, 9.0.1146, 9.0.1147, 9.0.1148, 9.0.1149, 9.0.1150, 9.0.1151, 9.0.1152, 9.0.1153, 9.0.1154, 9.0.1155, 9.0.1156, 9.0.1157, 9.0.1158, 9.0.1159, 9.0.1160, 9.0.1161, 9.0.1162, 9.0.1163, 9.0.1164, 9.0.1165, 9.0.1166, 9.0.1167, 9.0.1168, 9.0.1169, 9.0.1170, 9.0.1171, 9.0.1172, 9.0.1173, 9.0.1174, 9.0.1175, 9.0.1176, 9.0.1177, 9.0.1178, 9.0.1179, 9.0.1180, 9.0.1181, 9.0.1182, 9.0.1183, 9.0.1184, 9.0.1185, 9.0.1186, 9.0.1187, 9.0.1188, 9.0.1189, 9.0.1190, 9.0.1191, 9.0.1192, 9.0.1193, 9.0.1194, 9.0.1195, 9.0.1196, 9.0.1197, 9.0.1198, 9.0.1199, 9.0.1200, 9.0.1201, 9.0.1202, 9.0.1203, 9.0.1204, 9.0.1205, 9.0.1206, 9.0.1207, 9.0.1208, 9.0.1209, 9.0.1210, 9.0.1211, 9.0.1212, 9.0.1213, 9.0.1214, 9.0.1215, 9.0.1216, 9.0.1217, 9.0.1218, 9.0.1219, 9.0.1220, 9.0.1221, 9.0.1222, 9.0.1223, 9.0.1224, 9.0.1225, 9.0.1226, 9.0.1227, 9.0.1228, 9.0.1229, 9.0.1230, 9.0.1231, 9.0.1232, 9.0.1233, 9.0.1234, 9.0.1235, 9.0.1236, 9.0.1237, 9.0.1238, 9.0.1239, 9.0.1240, 9.0.1241, 9.0.1242, 9.0.1243, 9.0.1244, 9.0.1245, 9.0.1246, 9.0.1247, 9.0.1248, 9.0.1249, 9.0.1250, 9.0.1251, 9.0.1252, 9.0.1253, 9.0.1254, 9.0.1255, 9.0.1256, 9.0.1257, 9.0.1258, 9.0.1259, 9.0.1260, 9.0.1261, 9.0.1262, 9.0.1263, 9.0.1264, 9.0.1265, 9.0.1266, 9.0.1267, 9.0.1268, 9.0.1269, 9.0.1270, 9.0.1271, 9.0.1272, 9.0.1273, 9.0.1274, 9.0.1275, 9.0.1276, 9.0.1277, 9.0.1278, 9.0.1279, 9.0.1280, 9.0.1281, 9.0.1282, 9.0.1283, 9.0.1284, 9.0.1285, 9.0.1286, 9.0.1287, 9.0.1288, 9.0.1289, 9.0.1290, 9.0.1291, 9.0.1292, 9.0.1293, 9.0.1294, 9.0.1295, 9.0.1296, 9.0.1297, 9.0.1298, 9.0.1299, 9.0.1300, 9.0.1301, 9.0.1302, 9.0.1303, 9.0.1304, 9.0.1305, 9.0.1306, 9.0.1307, 9.0.1308, 9.0.1309, 9.0.1310, 9.0.1311, 9.0.1312, 9.0.1313, 9.0.1314, 9.0.1315, 9.0.1316, 9.0.1317, 9.0.1318, 9.0.1319, 9.0.1320, 9.0.1321, 9.0.1322, 9.0.1323, 9.0.1324, 9.0.1325, 9.0.1326, 9.0.1327, 9.0.1328, 9.0.1329, 9.0.1330, 9.0.1331, 9.0.1332, 9.0.1333, 9.0.1334, 9.0.1335, 9.0.1336, 9.0.1337, 9.0.1338, 9.0.1339, 9.0.1340, 9.0.1341, 9.0.1342, 9.0.1343, 9.0.1344, 9.0.1345, 9.0.1346, 9.0.1347, 9.0.1348, 9.0.1349, 9.0.1350, 9.0.1351, 9.0.1352, 9.0.1353, 9.0.1354, 9.0.1355, 9.0.1356, 9.0.1357, 9.0.1358, 9.0.1359, 9.0.1360, 9.0.1361, 9.0.1362, 9.0.1363, 9.0.1364, 9.0.1365, 9.0.1366, 9.0.1367, 9.0.1368, 9.0.1369, 9.0.1370, 9.0.1371, 9.0.1372, 9.0.1373, 9.0.1374, 9.0.1375, 9.0.1376, 9.0.1377, 9.0.1378, 9.0.1379, 9.0.1380, 9.0.1381, 9.0.1382, 9.0.1383, 9.0.1384, 9.0.1385, 9.0.1386, 9.0.1387, 9.0.1388, 9.0.1389, 9.0.1390, 9.0.1391, 9.0.1392, 9.0.1393, 9.0.1394, 9.0.1395, 9.0.1396, 9.0.1397, 9.0.1398, 9.0.1399, 9.0.1400, 9.0.1401, 9.0.1402, 9.0.1403, 9.0.1404, 9.0.1405, 9.0.1406, 9.0.1407, 9.0.1408, 9.0.1409, 9.0.1410, 9.0.1411, 9.0.1412, 9.0.1413, 9.0.1414, 9.0.1415, 9.0.1416, 9.0.1417, 9.0.1418, 9.0.1419, 9.0.1420, 9.0.1421, 9.0.1422, 9.0.1423, 9.0.1424, 9.0.1425, 9.0.1426, 9.0.1427, 9.0.1428, 9.0.1429, 9.0.1430, 9.0.1431, 9.0.1432, 9.0.1433, 9.0.1434, 9.0.1435, 9.0.1436, 9.0.1437, 9.0.1438, 9.0.1439, 9.0.1440, 9.0.1441, 9.0.1442, 9.0.1443, 9.0.1444, 9.0.1445, 9.0.1446, 9.0.1447, 9.0.1448, 9.0.1449, 9.0.1450, 9.0.1451, 9.0.1452, 9.0.1453, 9.0.1454, 9.0.1455, 9.0.1456, 9.0.1457, 9.0.1458, 9.0.1459, 9.0.1460, 9.0.1461, 9.0.1462, 9.0.1463, 9.0.1464, 9.0.1465, 9.0.1466, 9.0.1467, 9.0.1468, 9.0.1469, 9.0.1470, 9.0.1471, 9.0.1472, 9.0.1473, 9.0.1474, 9.0.1476, 9.0.1477, 9.0.1478, 9.0.1479, 9.0.1480, 9.0.1481, 9.0.1482, 9.0.1483, 9.0.1484, 9.0.1485, 9.0.1486, 9.0.1487, 9.0.1488, 9.0.1489, 9.0.1490, 9.0.1491, 9.0.1492, 9.0.1493, 9.0.1494, 9.0.1495, 9.0.1496, 9.0.1497, 9.0.1498

External links
https://huntr.dev/bounties/3451be4c-91c8-4d08-926b-cbff7396f425
https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LOJP6M7ZTKZQYOGVOOAY6TIE6ACBJL55/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell RecoverPoint for Virtual Machines

Multiple vulnerabilities in Dell ObjectScale

Multiple vulnerabilities in Dell EMC VxRail Appliance

Dell EMC NetWorker vProxy update for third-party components

SUSE update for vim

Fedora 37 update for vim

Fedora 38 update for vim

SUSE update for vim

VMware Tanzu products update for Vim