vim prior 9.0.0805 autocmd quickfix.c qf_update_buffer use after free

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. Using CWE to declare the problem leads to CWE-416. The weakness was shared 10/26/2022 as d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. The advisory is shared for download at github.com. This vulnerability is handled as CVE-2022-3705. The attack may be launched remotely. Technical details are available. There is no exploit available. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as not defined. As 0-day the estimated underground price was around $0-$5k. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. The bugfix is ready for download at github.com. It is recommended to upgrade the affected component. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

3 Changes · 67 Data Points

FieldCreated
10/26/2022 08:44 PM
Update 1/2
11/25/2022 02:58 PM
Update 2/2
11/25/2022 03:02 PM
software_namevimvimvim
software_componentautocmd Handlerautocmd Handlerautocmd Handler
software_filequickfix.cquickfix.cquickfix.c
software_functionqf_update_bufferqf_update_bufferqf_update_buffer
vulnerability_cweCWE-416 (use after free)CWE-416 (use after free)CWE-416 (use after free)
vulnerability_risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acHHH
cvss3_vuldb_prNNN
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
advisory_identifierd0fab10ed2a86698937e3c3fed2f10bd9bb5e731d0fab10ed2a86698937e3c3fed2f10bd9bb5e731d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
advisory_urlhttps://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
countermeasure_nameUpgradeUpgradeUpgrade
upgrade_version9.0.08059.0.08059.0.0805
patch_named0fab10ed2a86698937e3c3fed2f10bd9bb5e731d0fab10ed2a86698937e3c3fed2f10bd9bb5e731d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
countermeasure_patch_urlhttps://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
source_cveCVE-2022-3705CVE-2022-3705CVE-2022-3705
cna_responsibleVulDBVulDBVulDB
advisory_date1666735200 (10/26/2022)1666735200 (10/26/2022)1666735200 (10/26/2022)
software_typeWord Processing SoftwareWord Processing SoftwareWord Processing Software
cvss2_vuldb_avNNN
cvss2_vuldb_acHHH
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.15.15.1
cvss2_vuldb_tempscore4.44.44.4
cvss3_vuldb_basescore5.05.05.0
cvss3_vuldb_tempscore4.84.84.8
cvss3_meta_basescore5.05.05.8
cvss3_meta_tempscore4.84.85.8
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1666735200 (10/26/2022)1666735200 (10/26/2022)
cve_nvd_summaryA vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
cvss3_nvd_avN
cvss3_nvd_acH
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_cna_avN
cvss3_cna_acH
cvss3_cna_prN
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss3_nvd_basescore7.5
cvss3_cna_basescore5.0

Want to stay up to date on a daily basis?

Enable the mail alert feature now!