Message-ID: <Z498xJYy2eZ9T+42@256bit.org>
Date: Tue, 21 Jan 2025 11:53:56 +0100
From: Christian Brabandt <cb@...bit.org>
To: oss-security@...ts.openwall.com
Subject: Re: Subject: [vim-security] segmentation fault in win_line() in Vim < 9.1.1043

Eli,

sorry for the duplicate. I messed up the reply...

On Mon, 20 Jan 2025, Eli Schwartz wrote:

> It seems strange to me to say that it is a vulnerability, for a vim
> option that accepts a full-blown script to also crash when fuzzed.
>
> It's not an attack vector to crash /bin/bash when fed a malformed
> script, so why is there anything to comment on with regard to vim
> either?

It was reported to us via the Security Advisory feature of GitHub and
while I am convinced that this cannot be used to do any harm to users
(except for crashing), there was still a small possibility that this may
have been abused in the future. So when in doubt, I go with handling
this as security relevant.

> How is this "medium" impact?

The CVE calculator tends to exaggerate the score, even when being
conservative with each metric.

Thanks,
Christian