QID 354406
Date Published: 2022-12-21
QID 354406: Amazon Linux Security Advisory for vim : ALAS2022-2021-005
Vim is vulnerable to heap-based buffer overflow (cve-2021-3903) a flaw was found in vim.
A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.
The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (
( CVE-2021-3927) a flaw was found in vim.
A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.
( CVE-2021-3928) a flaw was found in vim.
A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-3968) a flaw was found in vim.
( CVE-2021-3973) a flaw was found in vim.
A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution.
( CVE-2021-3974) a flaw was found in vim.
A possible heap-based buffer overflow allows an attacker to input a specially crafted file, leading to a crash or code execution.
The highest threat from this vulnerability is confidentiality, integrity, and system availability. (
( CVE-2021-3984)
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.
- ALAS2022-2021-005 -
alas.aws.amazon.com/AL2022/ALAS-2021-005.html
CVEs related to QID 354406
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2022-2021-005 | amazon linux 2022 |
alas.aws.amazon.com/AL2022/ALAS-2021-005.html |