Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <ZTrDMV48/Zg/5ose@256bit.org>
Date: Thu, 26 Oct 2023 21:51:13 +0200
From: Christian Brabandt <cb@...bit.org>
To: Christian Brabandt <cb@...bit.org>
Cc: oss-security@...ts.openwall.com
Subject: [vim-security] integer overflow in :history command in Vim < 9.0.2068

Integer overflow in :history Ex-Command in Vim < 9.0.2068
=========================================================

Severity: Low

When using the :history ex-command, it's possible that the
provided argument overflows the accepted value. Causing an
Integer Overflow and potentially later an use-after-free.

This is not a major issue as most users probably won't use
intentionally large values for the :history command

The issue is fixed in Vim version 9.0.2068.

This issue was reported on October 26th, 2023 by Cole
Dilorenzo to the vim-security mailing list.

https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm
https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a

Thanks,
Christian
-- 
Wer den Sirenengesang der Werbung widersteht, ist mündiger Bürger. Und
gefährdet Arbeitskräfte.
		-- Oliver Hassencamp

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.