Wind River Support Network

HomeDefectsLIN1023-3602
Fixed

LIN1023-3602 : Security Advisory - vim - CVE-2024-22667

Created: Feb 5, 2024    Updated: Mar 22, 2024
Resolved Date: Mar 17, 2024
Found In Version: 10.23.30.1
Fix Version: 10.23.30.9
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

CREATE(Triage):(User=admin) CVE-2024-22667 (https://nvd.nist.gov/vuln/detail/CVE-2024-22667)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube