Vulnerability CVE-2022-1616: Information

Description

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Published: May 7, 2022
Modified: Nov. 7, 2023
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
vimsisyphus8.2.5019-alt19.1.0050-alt2ALT-PU-2022-1948-1300642Fixed
vimsisyphus_e2k8.2.5172-alt19.1.0050-alt2ALT-PU-2022-5489-1-Fixed
vimsisyphus_mipsel8.2.5019-alt19.0.2136-alt1ALT-PU-2022-5075-1-Fixed
vimsisyphus_riscv648.2.5019-alt19.1.0050-alt2ALT-PU-2022-5079-1-Fixed
vimp108.2.5019-alt19.0.2136-alt1ALT-PU-2022-1977-1300891Fixed
vimp10_e2k8.2.5019-alt19.0.2136-alt1ALT-PU-2022-5109-1-Fixed
vimp98.2.5019-alt19.0.0827-alt1ALT-PU-2022-1987-1300894Fixed
vimp9_e2k8.2.5019-alt19.0.0827-alt1ALT-PU-2022-5186-1-Fixed
vimp9_mipsel8.2.5172-alt19.0.0827-alt1ALT-PU-2022-6061-1-Fixed
vimc10f18.2.5019-alt19.1.0050-alt2ALT-PU-2022-1977-1300891Fixed
vimc9f28.2.5019-alt19.1.0050-alt2ALT-PU-2022-1958-1300708Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
      End excliding
      8.2.4895

      Configuration 2

      cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
      End excliding
      13.0