Test ID:	1.3.6.1.4.1.25623.1.1.10.2022.0203
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2022-0203)
Summary:	The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2022-0203 advisory.
Description:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2022-0203 advisory. Vulnerability Insight: vim is vulnerable to out of bounds read (CVE-2022-0213) Heap-based Buffer Overflow in block_insert() in src/ops.c (CVE-2022-0261) a heap-based OOB read of size 1 (CVE-2022-0128) heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318) access of memory location before start of buffer (CVE-2022-0351) heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359) Stack-based Buffer Overflow in spellsuggest.c (CVE-2022-0408) use after free in src/ex_cmds.c (CVE-2022-0413) out-of-bounds read in delete_buff_tail() in getchar.c (CVE-2022-0393) heap-based-buffer-overflow in ex_retab() of src/indent.c (CVE-2022-0417) heap-use-after-free in enter_buffer() of src/buffer.c (CVE-2022-0443) heap overflow in ex_retab() may lead to crash (CVE-2022-0572) Stack-based Buffer Overflow in vim prior to 8.2. (CVE-2022-0629) NULL Pointer Dereference in vim prior to 8.2 (CVE-2022-0696) buffer overflow (CVE-2022-0714) Use of Out-of-range Pointer Offset (CVE-2022-0729) Use of Out-of-range Pointer Offset in vim (CVE-2022-0685) Use of Out-of-range Pointer Offset in vim (CVE-2022-0554) Heap-based Buffer Overflow occurs in vim (CVE-2022-0943) heap buffer overflow in get_one_sourceline (CVE-2022-1160) use after free in utf_ptr2char (CVE-2022-1154) global heap buffer overflow in skip_range (CVE-2022-1381) Out-of-range Pointer Offset (CVE-2022-1420) heap-buffer-overflow in append_command of src/ex_docmd.c (CVE-2022-1616) heap-buffer-overflow in cmdline_erase_chars of ex_getln.c (CVE-2022-1619) NULL Pointer Dereference in vim_regexec_string() of regexp.c (CVE-2022-1620) heap buffer overflow (CVE-2022-1621) buffer over-read (CVE-2022-1629) NULL pointer dereference in vim_regexec_string() of regexp.c (CVE-2022-1674) a buffer over-read found in scriptfile.c (CVE-2022-1769) Heap-based Buffer Overflow in cindent.c (CVE-2022-1733) Affected Software/OS: 'vim' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0128 https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/Jul/14 https://security.gentoo.org/glsa/202208-32 https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a http://www.openwall.com/lists/oss-security/2022/01/15/1 Common Vulnerability Exposure (CVE) ID: CVE-2022-0213 https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0261 https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82 http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0318 https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08 https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0351 https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161 https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d Common Vulnerability Exposure (CVE) ID: CVE-2022-0359 https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1 Common Vulnerability Exposure (CVE) ID: CVE-2022-0393 https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/ https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323 Common Vulnerability Exposure (CVE) ID: CVE-2022-0408 https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 Common Vulnerability Exposure (CVE) ID: CVE-2022-0413 https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38 https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a Common Vulnerability Exposure (CVE) ID: CVE-2022-0417 https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0443 https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51 https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461 Common Vulnerability Exposure (CVE) ID: CVE-2022-0554 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 Common Vulnerability Exposure (CVE) ID: CVE-2022-0572 https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/ https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f Common Vulnerability Exposure (CVE) ID: CVE-2022-0629 https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/ https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc Common Vulnerability Exposure (CVE) ID: CVE-2022-0685 https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782 https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87 Common Vulnerability Exposure (CVE) ID: CVE-2022-0696 https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1 Common Vulnerability Exposure (CVE) ID: CVE-2022-0714 https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/ https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa Common Vulnerability Exposure (CVE) ID: CVE-2022-0729 https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30 Common Vulnerability Exposure (CVE) ID: CVE-2022-0943 https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/ https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3 Common Vulnerability Exposure (CVE) ID: CVE-2022-1154 https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/ https://security.gentoo.org/glsa/202305-16 https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5 https://www.oracle.com/security-alerts/cpujul2022.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1160 https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db Common Vulnerability Exposure (CVE) ID: CVE-2022-1381 https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/ https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47 Common Vulnerability Exposure (CVE) ID: CVE-2022-1420 https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326 https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca Common Vulnerability Exposure (CVE) ID: CVE-2022-1616 https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/ https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c Common Vulnerability Exposure (CVE) ID: CVE-2022-1619 https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450 https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe Common Vulnerability Exposure (CVE) ID: CVE-2022-1620 https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51 https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f Common Vulnerability Exposure (CVE) ID: CVE-2022-1621 https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b Common Vulnerability Exposure (CVE) ID: CVE-2022-1629 https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd Common Vulnerability Exposure (CVE) ID: CVE-2022-1674 https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/ https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060 Common Vulnerability Exposure (CVE) ID: CVE-2022-1733 https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/ https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813 Common Vulnerability Exposure (CVE) ID: CVE-2022-1769 https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.