Test ID:	1.3.6.1.4.1.25623.1.1.12.2023.5995.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-5995-1)
Summary:	The remote host is missing an update for the 'vim' package(s) announced via the USN-5995-1 advisory.
Description:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the USN-5995-1 advisory. Vulnerability Insight: It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2345, CVE-2022-2581) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927, CVE-2022-2344) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2946) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2980) Affected Software/OS: 'vim' package(s) on Ubuntu 14.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0413 https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/ https://security.gentoo.org/glsa/202208-32 https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1629 https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/ http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://security.gentoo.org/glsa/202305-16 https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd Common Vulnerability Exposure (CVE) ID: CVE-2022-1674 https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/ https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060 Common Vulnerability Exposure (CVE) ID: CVE-2022-1720 https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/ http://seclists.org/fulldisclosure/2022/Oct/43 http://seclists.org/fulldisclosure/2022/Oct/45 https://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1733 https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/ https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813 Common Vulnerability Exposure (CVE) ID: CVE-2022-1735 https://huntr.dev/bounties/c9f85608-ff11-48e4-933d-53d1759d44d9 https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97 Common Vulnerability Exposure (CVE) ID: CVE-2022-1785 https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109 https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839 https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1796 https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5 Common Vulnerability Exposure (CVE) ID: CVE-2022-1851 https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/ https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad Common Vulnerability Exposure (CVE) ID: CVE-2022-1898 https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a Common Vulnerability Exposure (CVE) ID: CVE-2022-1927 https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 Common Vulnerability Exposure (CVE) ID: CVE-2022-1942 https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071 https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d Common Vulnerability Exposure (CVE) ID: CVE-2022-1968 https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895 Common Vulnerability Exposure (CVE) ID: CVE-2022-2124 https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42 https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f Common Vulnerability Exposure (CVE) ID: CVE-2022-2125 https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705 https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f Common Vulnerability Exposure (CVE) ID: CVE-2022-2126 https://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e https://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8 Common Vulnerability Exposure (CVE) ID: CVE-2022-2129 https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352 https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d Common Vulnerability Exposure (CVE) ID: CVE-2022-2175 https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55 https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e Common Vulnerability Exposure (CVE) ID: CVE-2022-2183 https://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975 https://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa Common Vulnerability Exposure (CVE) ID: CVE-2022-2206 https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668 https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908 Common Vulnerability Exposure (CVE) ID: CVE-2022-2304 https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/ https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939 Common Vulnerability Exposure (CVE) ID: CVE-2022-2344 https://huntr.dev/bounties/4a095ed9-3125-464a-b656-c31b437e1996 https://github.com/vim/vim/commit/baefde14550231f6468ac2ed2ed495bc381c0c92 Common Vulnerability Exposure (CVE) ID: CVE-2022-2345 https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f https://github.com/vim/vim/commit/32acf1f1a72ebb9d8942b9c9d80023bf1bb668ea Common Vulnerability Exposure (CVE) ID: CVE-2022-2571 https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571 https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614 Common Vulnerability Exposure (CVE) ID: CVE-2022-2581 https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88 Common Vulnerability Exposure (CVE) ID: CVE-2022-2845 FEDORA-2022-3b33d04743 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/ FEDORA-2022-b9edf60581 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/ GLSA-202305-16 https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445 Common Vulnerability Exposure (CVE) ID: CVE-2022-2849 https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/ https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2 Common Vulnerability Exposure (CVE) ID: CVE-2022-2923 https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/ https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e Common Vulnerability Exposure (CVE) ID: CVE-2022-2946 https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5 https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c Common Vulnerability Exposure (CVE) ID: CVE-2022-2980 https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.