Bugzilla – Bug 1217326
VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
Last modified: 2024-05-24 10:37:09 UTC
When parsing relative ex addresses one may unintentionally cause an overflow. Ironacially this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen. So verify that the line numer is actually positive before doing the actual overflow check. The Vim project would like to thank Fabian Toepfer for reporting this issue which is now fixed in Vim patch 9.0.2110. References: https://github.com/vim/vim/security/advisories/GHSA-6g74-hr6q-pr8g
Tracking as affected: - SUSE:ALP:Source:Standard:1.0/vim - SUSE:SLE-12:Update/vim - SUSE:SLE-15-SP5:Update/vim - SUSE:SLE-15:Update/vim - openSUSE:Factory/vim Upstream fix: https://github.com/vim/vim/commit/060623e4a3bc72b011e7cd92bedb3bfb64e06200
The next upcoming maintenance update will have the fix.
SUSE-SU-2024:0783-1: An update that solves 10 vulnerabilities can now be installed. Category: security (important) Bug References: 1215005, 1217316, 1217320, 1217321, 1217324, 1217326, 1217329, 1217330, 1217432, 1219581 CVE References: CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667 Sources used: SUSE Linux Enterprise High Performance Computing 12 SP5 (src): vim-9.1.0111-17.29.1 SUSE Linux Enterprise Server 12 SP5 (src): vim-9.1.0111-17.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): vim-9.1.0111-17.29.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0871-1: An update that solves 10 vulnerabilities can now be installed. Category: security (important) Bug References: 1215005, 1217316, 1217320, 1217321, 1217324, 1217326, 1217329, 1217330, 1217432, 1219581 CVE References: CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667 Sources used: openSUSE Leap Micro 5.3 (src): vim-9.1.0111-150000.5.60.1 openSUSE Leap Micro 5.4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro for Rancher 5.3 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro 5.3 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro 5.4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): vim-9.1.0111-150000.5.60.1 SUSE Manager Proxy 4.3 (src): vim-9.1.0111-150000.5.60.1 SUSE Manager Retail Branch Server 4.3 (src): vim-9.1.0111-150000.5.60.1 SUSE Manager Server 4.3 (src): vim-9.1.0111-150000.5.60.1 SUSE Enterprise Storage 7.1 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro 5.1 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro 5.2 (src): vim-9.1.0111-150000.5.60.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): vim-9.1.0111-150000.5.60.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1287-1: An update that solves 10 vulnerabilities can now be installed. Category: security (important) Bug References: 1215005, 1217316, 1217320, 1217321, 1217324, 1217326, 1217329, 1217330, 1217432, 1219581 CVE References: CVE-2023-4750, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667 Maintenance Incident: [SUSE:Maintenance:32818](https://smelt.suse.de/incident/32818/) Sources used: openSUSE Leap 15.5 (src): vim-9.1.0111-150500.20.9.1 SUSE Linux Enterprise Micro 5.5 (src): vim-9.1.0111-150500.20.9.1 Basesystem Module 15-SP5 (src): vim-9.1.0111-150500.20.9.1 Desktop Applications Module 15-SP5 (src): vim-9.1.0111-150500.20.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Released. Closing bug.