CVE-2022-1154

一、漏洞信息
漏洞编号：CVE-2022-1154
漏洞归属组件：vim
漏洞归属的版本：8.2,8.2.4444
CVSS V3.0分值：
BaseScore：9.8 Critical
Vector：CVSS：3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞简述：
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
漏洞公开时间：2022-03-30 20:15
漏洞创建时间：2022-05-12 10:34:24
漏洞详情参考链接：
https://nvd.nist.gov/vuln/detail/CVE-2022-1154

更多参考(点击展开)

参考来源	参考链接	来源链接
CONFIRM	https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
MISC	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/
MLIST	https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html
nvd	https://access.redhat.com/security/cve/CVE-2022-1154
redhat_bugzilla	https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
ubuntu	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154
ubuntu	https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
ubuntu	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
ubuntu	https://ubuntu.com/security/notices/USN-5433-1
ubuntu	https://nvd.nist.gov/vuln/detail/CVE-2022-1154
ubuntu	https://launchpad.net/bugs/cve/CVE-2022-1154
ubuntu	https://security-tracker.debian.org/tracker/CVE-2022-1154
debian	https://security-tracker.debian.org/tracker/CVE-2022-1154
oracle	https://www.oracle.com/security-alerts/linuxbulletinapr2022.html

漏洞分析指导链接：
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
其它
漏洞补丁信息：

详情(点击展开)

影响的包	修复版本	修复补丁	问题引入补丁	来源
		https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5		MISC
		https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5		ubuntu

二、漏洞分析结构反馈
影响性分析说明：
vim 8.2.4646 之前版本存在资源管理错误漏洞，该漏洞源于 utf_ptr2char 函数中存在释放后重用漏洞。
openEuler评分：
9.8
Vector：CVSS：3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
受影响版本排查(受影响/不受影响)：
1.openEuler-20.03-LTS-SP1(9.0):受影响
2.openEuler-20.03-LTS-SP3(9.0):受影响
3.openEuler-22.03-LTS(9.0):受影响

修复是否涉及abi变化(是/否)：
1.openEuler-20.03-LTS-SP1(9.0):否
2.openEuler-20.03-LTS-SP3(9.0):否
3.openEuler-22.03-LTS(9.0):否

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2022-1656

参考网址	关联pr	状态	补丁链接
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2022-1154	None	None	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
https://ubuntu.com/security/CVE-2022-1154	None	None	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1154	None	None	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
https://nvd.nist.gov/vuln/detail/CVE-2022-1154	None	None	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
https://security-tracker.debian.org/tracker/CVE-2022-1154	None	None	https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5

说明：补丁链接仅供初步排查参考，实际可用性请人工再次确认，补丁下载验证可使用CVE补丁工具。
若补丁不准确，烦请在此issue下评论 '/report-patch 参考网址补丁链接1,补丁链接2' 反馈正确信息，便于我们不断优化工具，不胜感激。
如 /report-patch https://security-tracker.debian.org/tracker/CVE-2021-3997 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1

影响性分析说明：vim 8.2.4646 之前版本存在资源管理错误漏洞，该漏洞源于 utf_ptr2char 函数中存在释放后重用漏洞。

openEuler评分：
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
受影响版本排查(受影响/不受影响)：
1.openEuler-20.03-LTS-SP1(8.2):受影响
2.openEuler-20.03-LTS-SP3(8.2):受影响
3.openEuler-22.03-LTS(8.2):受影响

修复是否涉及abi变化(是/否)：
1.openEuler-20.03-LTS-SP1(8.2):否
2.openEuler-20.03-LTS-SP3(8.2):否
3.openEuler-22.03-LTS(8.2):否

参考https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425/ 进行复现问题
可以使用valgrind进行内存问题检测

补丁链接：https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5

src-openEuler/vim

内容风险标识

评论 (11)

src-openEuler/vim .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2022-1154

评论 (11)

搜索帮助

src-openEuler/vim