Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:4282-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:4282-1

UNKNOWN

Security update for vim

Published Nov 29, 2022

Modified 3 years ago

Fix available

Details

This update for vim fixes the following issues:

Updated to version 9.0 with patch level 0814:

CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
CVE-2022-3235: Fixed use-after-free (bsc#1203509).
CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the file quickfix.c (bsc#1204779).
CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in ex_eval.c (bsc#1203796).
CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at insexpand.c (bsc#1203797).
CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank() in eval.c (bsc#1203799).
CVE-2022-3352: Fixed use-after-free (bsc#1203924).
CVE-2022-2980: Fixed NULL pointer dereference in do_mouse() (bsc#1203155).
CVE-2022-3037: Fixed use-after-free (bsc#1202962).

Affected Packages

SUSE:Enterprise Storage 6gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 6vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 6vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 6vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 7gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 7vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 7vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Enterprise Storage 7vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.1vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.1vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.1vim-small

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.2vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.2vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.2vim-small

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.3vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.3vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Micro 5.3vim-small

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3vim-small

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP4vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP4vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP4vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Basesystem 15 SP4vim-small

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP4vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-BCLgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-BCLvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-BCLvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-BCLvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP1-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-BCLgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-BCLvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-BCLvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-BCLvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15 SP2-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15-LTSSgvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15-LTSSvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15-LTSSvim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server 15-LTSSvim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Proxy 4.1gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Proxy 4.1vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Proxy 4.1vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Proxy 4.1vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Retail Branch Server 4.1gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Retail Branch Server 4.1vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Retail Branch Server 4.1vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Retail Branch Server 4.1vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Server 4.1gvim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Server 4.1vim

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Server 4.1vim-data

Fixed in:

9.0.0814-150000.5.28.1

SUSE:Manager Server 4.1vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.3gvim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.3vim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.3vim-data

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.3vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.3vim-small

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.4gvim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.4vim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.4vim-data

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.4vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap 15.4vim-small

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.2vim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.2vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.2vim-small

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.3vim

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.3vim-data-common

Fixed in:

9.0.0814-150000.5.28.1

openSUSE:Leap Micro 5.3vim-small

Fixed in:

9.0.0814-150000.5.28.1

References

REPORThttps://bugzilla.suse.com/1192478 REPORThttps://bugzilla.suse.com/1202962 REPORThttps://bugzilla.suse.com/1203110 REPORThttps://bugzilla.suse.com/1203152 REPORThttps://bugzilla.suse.com/1203155 REPORThttps://bugzilla.suse.com/1203194 REPORThttps://bugzilla.suse.com/1203272 REPORThttps://bugzilla.suse.com/1203508 REPORThttps://bugzilla.suse.com/1203509 REPORThttps://bugzilla.suse.com/1203796 REPORThttps://bugzilla.suse.com/1203797 REPORThttps://bugzilla.suse.com/1203799 REPORThttps://bugzilla.suse.com/1203820 REPORThttps://bugzilla.suse.com/1203924 REPORThttps://bugzilla.suse.com/1204779 WEBhttps://www.suse.com/security/cve/CVE-2021-3928 WEBhttps://www.suse.com/security/cve/CVE-2022-2980 WEBhttps://www.suse.com/security/cve/CVE-2022-2982 WEBhttps://www.suse.com/security/cve/CVE-2022-3037 WEBhttps://www.suse.com/security/cve/CVE-2022-3099 WEBhttps://www.suse.com/security/cve/CVE-2022-3134 WEBhttps://www.suse.com/security/cve/CVE-2022-3153 WEBhttps://www.suse.com/security/cve/CVE-2022-3234 WEBhttps://www.suse.com/security/cve/CVE-2022-3235 WEBhttps://www.suse.com/security/cve/CVE-2022-3278 WEBhttps://www.suse.com/security/cve/CVE-2022-3296 WEBhttps://www.suse.com/security/cve/CVE-2022-3297 WEBhttps://www.suse.com/security/cve/CVE-2022-3324 WEBhttps://www.suse.com/security/cve/CVE-2022-3352 WEBhttps://www.suse.com/security/cve/CVE-2022-3705 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20224282-1/

Upstream

CVE-2021-3928 CVE-2022-2980 CVE-2022-2982 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3705

Related

CVE-2021-3928 CVE-2022-2980 CVE-2022-2982 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3705

Ecosystems

SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-BCL SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Leap Micro 5.2 openSUSE Leap Micro 5.3

Timeline

PublishedNov 29, 2022

ModifiedNov 29, 2022