CVE-2022-0729
Use of Out-of-range Pointer Offset in vim/vim
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
Un Uso de un Desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4440
It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-02-22 CVE Reserved
- 2022-02-23 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-823: Use of Out-of-range Pointer Offset
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2022/Oct/28 | Mailing List |
|
| http://seclists.org/fulldisclosure/2022/Oct/41 | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html | Mailing List |
|
| https://support.apple.com/kb/HT213488 | Release Notes |
|
| URL | Date | SRC |
|---|---|---|
| https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea | 2024-08-02 |
| URL | Date | SRC |
|---|---|---|
| https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vim Search vendor "Vim" | Vim Search vendor "Vim" for product "Vim" | < 8.2.4440 Search vendor "Vim" for product "Vim" and version " < 8.2.4440" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | < 13.0 Search vendor "Apple" for product "Macos" and version " < 13.0" | - |
Affected
| ||||||