ID

VAR-202201-0355

CVE

CVE-2022-0359

TITLE

vim/vim   Out-of-bounds write vulnerability in

DESCRIPTION

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: vim security update Advisory ID: RHSA-2022:0894-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0894 Issue date: 2022-03-15 CVE Names: CVE-2022-0261 CVE-2022-0318 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0413 ==================================================================== 1. Summary: An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: vim-X11-8.0.1763-16.el8_5.12.aarch64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-common-8.0.1763-16.el8_5.12.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.12.aarch64.rpm vim-enhanced-8.0.1763-16.el8_5.12.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm noarch: vim-filesystem-8.0.1763-16.el8_5.12.noarch.rpm ppc64le: vim-X11-8.0.1763-16.el8_5.12.ppc64le.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-common-8.0.1763-16.el8_5.12.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.12.ppc64le.rpm vim-enhanced-8.0.1763-16.el8_5.12.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm s390x: vim-X11-8.0.1763-16.el8_5.12.s390x.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-common-8.0.1763-16.el8_5.12.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.12.s390x.rpm vim-enhanced-8.0.1763-16.el8_5.12.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm x86_64: vim-X11-8.0.1763-16.el8_5.12.x86_64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-common-8.0.1763-16.el8_5.12.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.12.x86_64.rpm vim-enhanced-8.0.1763-16.el8_5.12.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: vim-8.0.1763-16.el8_5.12.src.rpm aarch64: vim-X11-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.12.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm vim-minimal-8.0.1763-16.el8_5.12.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm ppc64le: vim-X11-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.12.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm vim-minimal-8.0.1763-16.el8_5.12.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm s390x: vim-X11-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.12.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm vim-minimal-8.0.1763-16.el8_5.12.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm x86_64: vim-X11-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.12.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm vim-minimal-8.0.1763-16.el8_5.12.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/): 2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files 2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files 2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation 5. This update provides security fixes, bug fixes, and updates the container images. Description: Red Hat Advanced Cluster Management for Kubernetes 2.4.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/ Security updates: * golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565) * nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450) * nanoid: Information disclosure via valueOf() function (CVE-2021-23566) * nodejs-shelljs: improper privilege management (CVE-2022-0144) * search-ui-container: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) * node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) * follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536) * openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778) * imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path (CVE-2022-24778) * golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191) * opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190) Related bugs: * RHACM 2.4.3 image files (BZ #2057249) * Observability - dashboard name contains `/` would cause error when generating dashboard cm (BZ #2032128) * ACM application placement fails after renaming the application name (BZ #2033051) * Disable the obs metric collect should not impact the managed cluster upgrade (BZ #2039197) * Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard (BZ #2039820) * The value of name label changed from clusterclaim name to cluster name (BZ #2042223) * VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys (BZ #2048500) * clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI (BZ #2053211) * Application cluster status is not updated in UI after restoring (BZ #2053279) * OpenStack cluster creation is using deprecated floating IP config for 4.7+ (BZ #2056610) * The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift (BZ #2059039) * Subscriptions stop reconciling after channel secrets are recreated (BZ #2059954) * Placementrule is not reconciling on a new fresh environment (BZ #2074156) * The cluster claimed from clusterpool cannot auto imported (BZ #2074543) 3. Bugs fixed (https://bugzilla.redhat.com/): 2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion 2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic 2032128 - Observability - dashboard name contains `/` would cause error when generating dashboard cm 2033051 - ACM application placement fails after renaming the application name 2039197 - disable the obs metric collect should not impact the managed cluster upgrade 2039820 - Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard 2042223 - the value of name label changed from clusterclaim name to cluster name 2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048500 - VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys 2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function 2052573 - CVE-2022-24450 nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account 2053211 - clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2053279 - Application cluster status is not updated in UI after restoring 2056610 - OpenStack cluster creation is using deprecated floating IP config for 4.7+ 2057249 - RHACM 2.4.3 images 2059039 - The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift 2059954 - Subscriptions stop reconciling after channel secrets are recreated 2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server 2069368 - CVE-2022-24778 imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path 2074156 - Placementrule is not reconciling on a new fresh environment 2074543 - The cluster claimed from clusterpool can not auto imported 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6 macOS Monterey 12.6 addresses the following issues. AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc. Entry added October 27, 2022 ATS Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2022-32902: Mickey Jin (@patch1t) Entry added October 27, 2022 ATS Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-32904: Mickey Jin (@patch1t) Entry added October 27, 2022 ATS Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2022-32902: Mickey Jin (@patch1t) Calendar Available for: macOS Monterey Impact: An app may be able to read sensitive location information Description: An access issue was addressed with improved access restrictions. CVE-2022-42819: an anonymous researcher Entry added October 27, 2022 GarageBand Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: A configuration issue was addressed with additional restrictions. CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing Entry added October 27, 2022 ImageIO Available for: macOS Monterey Impact: Processing an image may lead to a denial-of-service Description: A denial-of-service issue was addressed with improved validation. CVE-2022-1622 Entry added October 27, 2022 Image Processing Available for: macOS Monterey Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added October 27, 2022 iMovie Available for: macOS Monterey Impact: A user may be able to view sensitive user information Description: This issue was addressed by enabling hardened runtime. CVE-2022-32896: Wojciech Reguła (@_r3ggi) Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32914: Zweig of Kunlun Lab Entry added October 27, 2022 Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32911: Zweig of Kunlun Lab CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de) CVE-2022-32924: Ian Beer of Google Project Zero Entry updated October 27, 2022 Kernel Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de) Kernel Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: The issue was addressed with improved bounds checks. CVE-2022-32917: an anonymous researcher Maps Available for: macOS Monterey Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions. CVE-2022-32883: Ron Masas of breakpointhq.com Entry updated October 27, 2022 MediaLibrary Available for: macOS Monterey Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-32908: an anonymous researcher ncurses Available for: macOS Monterey Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-39537 Entry added October 27, 2022 PackageKit Available for: macOS Monterey Impact: An app may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2022-32900: Mickey Jin (@patch1t) Sandbox Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 Security Available for: macOS Monterey Impact: An app may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de) Entry added October 27, 2022 Sidecar Available for: macOS Monterey Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-42790: Om kothawade of Zaprico Digital Entry added October 27, 2022 SMB Available for: macOS Monterey Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-32934: Felix Poulin-Belanger Entry added October 27, 2022 Vim Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 Entry added October 27, 2022 Vim Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to a denial- of-service or potentially disclose memory contents Description: This issue was addressed with improved checks. CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 Entry added October 27, 2022 Weather Available for: macOS Monterey Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management. CVE-2022-32875: an anonymous researcher Entry added October 27, 2022 WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 242047 CVE-2022-32888: P1umer (@p1umer) Entry added October 27, 2022 Additional recognition Identity Services We would like to acknowledge Joshua Jones for their assistance. macOS Monterey 12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpcACgkQ4RjMIDke Nxkwlg//SSBu/uDg4G5fbGIYbNhe6z0pbPi6KhKQJI/fwDQw0rD1rRCYMYY3FqSv QwV8MyduewVyNTYL/OiNUDEBJolv3HmAGSLOKML4fJzExGN8j0hzxB+VDreh0PP7 /dIFsarwPIdQTaqD+oolT6XPJ1oG+GClaFn2JRJd1eCMstpQ9n04TZlTa6g5kSzT ZU6GnRyVBTSi9o2FGKJ0uZxTVZ06G2M1Y6j5qEugEiO+8mSP6DbE8GuMNhxQHgdQ IThRbMhaggheulPHgoF5023MB2eHOxzd92qGQBfilGXiDEXYQW8dCD21yhEDQt9J 5TKrgDRnGweDZIrTm3/dUiEfcAIrpNCGvieXCTmuBLnG9DqJyfYq8KPAh7E5Mwry TQvtTSVvf5Gp/vfrDZSbkS5dzWoIlJJByvc9Zt9MtC+eP2vYXjYAwDRd9duM/N+J 1wzXK8axVwImx58j5Ae1VsfELkbiGicovRn306MKUWgl3iz6D2JNTJPIyI96K3D7 ZDg4FhFJOTfXdmSdH9bbGKMt2LTPbYem3gk7zm4a5eKp3RQGd8HnhTRbMbr5e7Vh /C6AwsIbWhvE2SY3Pig7+BkzjfX4wNlnxKpa+wzZfamaXHxYYu6jwHdi74gqv5JA GDdcqUsSlUaFU+VsZlWnogpZGJjq5dxowq+2jmD2AOjevacHe3c= =uGN6 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6026-1 April 19, 2023 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 14.04 ESM Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4166) It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4192) It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4193) It was discovered that Vim was not properly performing bounds checks when updating windows present on a screen, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0213) It was discovered that Vim was incorrectly performing read and write operations when in visual block mode, going beyond the end of a line and causing a heap buffer overflow. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0261, CVE-2022-0318) It was discovered that Vim was incorrectly handling window exchanging operations when in Visual mode, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319) It was discovered that Vim was incorrectly handling recursion when parsing conditional expressions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0351) It was discovered that Vim was not properly handling memory allocation when processing data in Ex mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0359) It was discovered that Vim was not properly performing bounds checks when executing line operations in Visual mode, which could result in a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361, CVE-2022-0368) It was discovered that Vim was not properly handling loop conditions when looking for spell suggestions, which could result in a stack buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0408) It was discovered that Vim was incorrectly handling memory access when executing buffer operations, which could result in the usage of freed memory. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0443) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. (CVE-2022-0554) It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0572) It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0629) It was discovered that Vim was not properly performing validation of data that contained special multi-byte characters, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0685) It was discovered that Vim was incorrectly processing data used to define indentation in a file, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0714) It was discovered that Vim was incorrectly processing certain regular expression patterns and strings, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0729) It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. (CVE-2022-2207) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: vim 2:8.2.3995-1ubuntu2.7 Ubuntu 20.04 LTS: vim 2:8.1.2269-1ubuntu5.14 Ubuntu 18.04 LTS: vim 2:8.0.1453-1ubuntu1.13 Ubuntu 14.04 ESM: vim 2:7.4.052-1ubuntu3.1+esm9 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6026-1 CVE-2021-4166, CVE-2021-4192, CVE-2021-4193, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0408, CVE-2022-0443, CVE-2022-0554, CVE-2022-0572, CVE-2022-0629, CVE-2022-0685, CVE-2022-0714, CVE-2022-0729, CVE-2022-2207 Package Information: https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.7 https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.14 https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.13

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

TYPE

overflow

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2026-02-02T21:58:00.242000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE