CVE-2023-48232

Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

History

25 Jan 2024, 21:37

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20231227-0006/ - () https://security.netapp.com/advisory/ntap-20231227-0006/ - Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/ - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/ - Mailing List, Third Party Advisory
CPE cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

27 Dec 2023, 15:15

Type Values Removed Values Added
CWE CWE-755
References
  • () https://security.netapp.com/advisory/ntap-20231227-0006/ -

26 Nov 2023, 04:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/ -

24 Nov 2023, 18:39

Type Values Removed Values Added
First Time Vim
Fedoraproject
Vim vim
Fedoraproject fedora
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3
CPE cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
References () https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce - () https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce - Patch
References () http://www.openwall.com/lists/oss-security/2023/11/16/1 - () http://www.openwall.com/lists/oss-security/2023/11/16/1 - Mailing List
References () https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw - () https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw - Vendor Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/ - Mailing List, Third Party Advisory

24 Nov 2023, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/ -

17 Nov 2023, 01:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2023/11/16/1 -

16 Nov 2023, 23:57

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-16 23:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-48232

Mitre link : CVE-2023-48232

CVE.ORG link : CVE-2023-48232


JSON object : View

Products Affected

fedoraproject

  • fedora

vim

  • vim
CWE
CWE-755

Improper Handling of Exceptional Conditions