Amazon Linux 2022 Security Advisory: ALAS-2022-023
Advisory Release Date: 2022-02-02 07:35 Pacific
Advisory Updated Date: 2022-02-03 00:50 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
A flaw was found in vim. The vulnerability occurs due to too many recursions, which can lead to a segmentation fault. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0351)
A flaw was found in vim. The vulnerability occurs due to Illegal memory access with large tabstop in Ex mode, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0359)
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)
A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0368)
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0392)
A flaw was found in vim. The vulnerability occurs due to the read operation before the start of the line and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0407)
Affected Packages:
vim
Issue Correction:
Run dnf update --releasever=2022.0.20220202 vim to update your system.
aarch64:
vim-X11-debuginfo-8.2.4232-1.amzn2022.aarch64
vim-enhanced-debuginfo-8.2.4232-1.amzn2022.aarch64
vim-minimal-8.2.4232-1.amzn2022.aarch64
vim-debuginfo-8.2.4232-1.amzn2022.aarch64
vim-debugsource-8.2.4232-1.amzn2022.aarch64
vim-common-debuginfo-8.2.4232-1.amzn2022.aarch64
vim-enhanced-8.2.4232-1.amzn2022.aarch64
vim-minimal-debuginfo-8.2.4232-1.amzn2022.aarch64
vim-X11-8.2.4232-1.amzn2022.aarch64
vim-common-8.2.4232-1.amzn2022.aarch64
noarch:
vim-data-8.2.4232-1.amzn2022.noarch
vim-default-editor-8.2.4232-1.amzn2022.noarch
vim-filesystem-8.2.4232-1.amzn2022.noarch
src:
vim-8.2.4232-1.amzn2022.src
x86_64:
vim-X11-debuginfo-8.2.4232-1.amzn2022.x86_64
vim-minimal-debuginfo-8.2.4232-1.amzn2022.x86_64
vim-X11-8.2.4232-1.amzn2022.x86_64
vim-debugsource-8.2.4232-1.amzn2022.x86_64
vim-enhanced-debuginfo-8.2.4232-1.amzn2022.x86_64
vim-debuginfo-8.2.4232-1.amzn2022.x86_64
vim-minimal-8.2.4232-1.amzn2022.x86_64
vim-enhanced-8.2.4232-1.amzn2022.x86_64
vim-common-debuginfo-8.2.4232-1.amzn2022.x86_64
vim-common-8.2.4232-1.amzn2022.x86_64