Updated: 2024-11-29 04:22:58.966712
Description:
Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange auto command and run some buffer unload commands. However this may lead to a crash. This issue has been addressed in version 9.1.0764 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | NONE | 0 |
CVSS Version 3.x | LOW | 3.9 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 6 ELS | vim | 7.4.629 | 3.9 | LOW | Ignored | 2024-12-02 09:52:55 | ||
CentOS 7 ELS | vim | 7.4.629 | 3.9 | LOW | Ignored | 2024-12-02 09:52:55 | ||
CloudLinux 6 ELS | vim | 7.4.629 | 3.9 | LOW | Ignored | 2024-12-02 09:52:55 | ||
Oracle Linux 6 ELS | vim | 7.4.629 | 3.9 | LOW | Ignored | 2024-12-02 09:52:55 | ||
Ubuntu 16.04 ELS | vim | 7.4.1689-3 | 3.9 | LOW | Needs Triage | 2024-11-29 04:23:04 |