Vulnerability CVE-2022-1674: Information

Description

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-1674
Published: May 12, 2022
Modified: Nov. 7, 2023
Error type identifier: CWE-476

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
vimsisyphus8.2.5019-alt19.1.0050-alt3ALT-PU-2022-1948-1300642Fixed
vimsisyphus_e2k8.2.5172-alt19.1.0050-alt3ALT-PU-2022-5489-1-Fixed
vimsisyphus_mipsel8.2.5019-alt19.0.2136-alt1ALT-PU-2022-5075-1-Fixed
vimsisyphus_riscv648.2.5019-alt19.1.0050-alt3ALT-PU-2022-5079-1-Fixed
vimp108.2.5019-alt19.0.2136-alt1ALT-PU-2022-1977-1300891Fixed
vimp10_e2k8.2.5019-alt19.0.2136-alt1ALT-PU-2022-5109-1-Fixed
vimp98.2.5019-alt19.0.0827-alt1ALT-PU-2022-1987-1300894Fixed
vimp9_e2k8.2.5019-alt19.0.0827-alt1ALT-PU-2022-5186-1-Fixed
vimp9_mipsel8.2.5172-alt19.0.0827-alt1ALT-PU-2022-6061-1-Fixed
vimc10f18.2.5019-alt19.1.0050-alt2ALT-PU-2022-1977-1300891Fixed
vimc9f28.2.5019-alt19.1.0050-alt2ALT-PU-2022-1958-1300708Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385
  • Exploit
  • Patch
  • Third Party Advisory
https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060
  • Patch
  • Third Party Advisory
GLSA-202208-32
  • Third Party Advisory
https://support.apple.com/kb/HT213488
  • Release Notes
  • Third Party Advisory
20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13
  • Mailing List
  • Release Notes
  • Third Party Advisory
20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13
    GLSA-202305-16
      FEDORA-2022-d20b51de9c
        FEDORA-2022-74b9e404c1
          FEDORA-2022-d044e7e0b4

              1. Configuration 1

                cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
                End excliding
                8.2.4938

                Configuration 2

                cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
                cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
                cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

                Configuration 3

                cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
                End excliding
                13.0
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.4.2
            Back to top