[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] NULL pointer dereference in the function handle_viminfo_register() of vim

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] NULL pointer dereference in the function handle_viminfo_register() of vim
From: Christian Brabandt <cb@xxxxxxxxxx>
Date: Mon, 29 Jan 2024 08:48:20 +0100

Meng Ruijie wrote:
> [Vulnerability description]
> A NULL pointer dereference in the function handle_viminfo_register() of vim 
> v9.0 allows attackers to cause a Denial of Service (DoS) via crafted file.
> 
> [VulnerabilityType Other]
> null pointer deference
> 
> [Vendor of Product]
> vim
> 
> [Affected Product Code Base]
> vim - 9.0
> 
> [Reference]
> https://github.com/vim/vim/issues/12652
> 
> [CVE Reference]
> The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned 
> the name CVE-2023-45921 to this vulnerability.

Meng,

This particular problem was fixed in Vim v9.0.1740 
https://github.com/vim/vim/commit/0a0764684591c7c6a5d722b628f11dc96208e853

I have no idea, why this issue is worth a CVE, because if an attacker
can modify your .viminfo file to make Vim crash, he already has the 
possibilities to do much more harm directly. So I don't think this is 
particular useful CVE. I'd also like to dispute this.

Thanks,
Christian
-- 
Ist der Bauer heut' gestorben, braucht er nichts zu essen morgen.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Next by Date: [FD] [KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
Next by thread: [FD] [KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
Index(es):
- Date
- Thread