CVE-2024-43374
Publication date 16 August 2024
Last updated 5 September 2024
Ubuntu priority
The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| vim | 24.04 LTS noble |
Fixed 2:9.1.0016-1ubuntu7.2
|
| 22.04 LTS jammy |
Fixed 2:8.2.3995-1ubuntu2.18
|
|
| 20.04 LTS focal |
Fixed 2:8.1.2269-1ubuntu5.24
|
|
| 18.04 LTS bionic |
Fixed 2:8.0.1453-1ubuntu1.13+esm9
|
|
| 16.04 LTS xenial |
Fixed 2:7.4.1689-3ubuntu1.5+esm24
|
|
| 14.04 LTS trusty |
Fixed 2:7.4.052-1ubuntu3.1+esm18
|
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProReferences
Related Ubuntu Security Notices (USN)
- USN-6993-1
- Vim vulnerabilities
- 5 September 2024