Bug 1190379 (CVE-2021-3770) - VUL-0: CVE-2021-3770: vim: using retab with large value may lead to heap buffer overflow
Summary: VUL-0: CVE-2021-3770: vim: using retab with large value may lead to heap buff...
Status: RESOLVED FIXED
Alias: CVE-2021-3770
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Zoltan Balogh
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/309124/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-3770:7.8:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-10 08:35 UTC by Gabriele Sonnu
Modified: 2022-02-18 11:15 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Comment 1 Gabriele Sonnu 2021-09-10 15:21:33 UTC
The affected code is in the tabstop_set function, introduced in vim 8.1.0105.
We ship older versions in the various SLE products, so these packages are not affected.
This vulnerability affects only openSUSE:Factory (v8.2.3360).

Upstream patch:
https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9

Comment 2 Ondřej Súkup 2022-02-18 11:15:03 UTC
openSUSE:Factory now has version 8.2.4xxx+, so fixed.