what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2022-2000

Status Candidate

Overview

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

Related Files

Ubuntu Security Notice USN-6557-1
Posted Dec 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6557-1 - It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-1725, CVE-2022-1771, CVE-2022-1886, CVE-2022-2000, CVE-2022-2042, CVE-2023-48232, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706
SHA-256 | 872f33dc2b7bc88b8c7bb037d8cce3aa5d34706dc69f05eec595485cb8f8d733
Gentoo Linux Security Advisory 202309-10
Posted Sep 29, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202309-10 - A vulnerability was discovered in Fish when handling git repository configuration that may lead to execution of arbitrary code Versions greater than or equal to 3.4.0 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2022-20001
SHA-256 | 572a7590ab409c9281cc1134af84314a58fce56fff13669b0c5444acd01a34e6
Apple Security Advisory 2022-10-27-9
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-9 - macOS Big Sur 11.7 addresses buffer overflow, bypass, code execution, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-39537, CVE-2022-1622, CVE-2022-1720, CVE-2022-2000, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-32854, CVE-2022-32864, CVE-2022-32866, CVE-2022-32875, CVE-2022-32877, CVE-2022-32881
SHA-256 | c73e2857761c956068e7a87947efc7e08c6f030930c3825652195b19d8ccc25d
Apple Security Advisory 2022-10-27-7
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-7 - macOS Monterey 12.6 addresses buffer overflow, bypass, code execution, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-39537, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0392, CVE-2022-1622, CVE-2022-1720, CVE-2022-2000, CVE-2022-2042, CVE-2022-2124
SHA-256 | 776bd472212b024c0a271e2551d3e338398d5e89c05777543489fa9ed80d28dd
Debian Security Advisory 5234-1
Posted Sep 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5234-1 - An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands.

tags | advisory, arbitrary, shell, code execution
systems | linux, debian
advisories | CVE-2022-20001
SHA-256 | d6134612ed2eb603546e00e78930c6db0692023b8724bb62b9827ee351491ec4
Ubuntu Security Notice USN-5516-1
Posted Jul 14, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5516-1 - It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2022-2000
SHA-256 | 2b35eeb66aef7e55d752dd27f31a559819f3baf5fd488d27ad4db3303002c760
Ubuntu Security Notice USN-5417-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5417-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-26401, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223, CVE-2022-29156
SHA-256 | 337688d78bd8984c56f452e4bee794482d878f55146f535c4c249b641b2b5f51
Ubuntu Security Notice USN-5415-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5415-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-26401, CVE-2022-1016, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-27223
SHA-256 | 691a35428f308c736b0b1c54fe6cb68b24805afc0173f36b49281af792f6943a
Android vold Unsafe Mounting
Posted Dec 2, 2021
Authored by Jann Horn, Google Security Research

Android's vold's incremental-fs APIs trust paths from system_server for mounting. There is supposed to be privilege separation between vold (TCB) and system_server (privileged process). However, vold's IPC handlers related to incremental-fs (mountIncFs, unmountIncFs, bindMount) allow system_server to specify semi-arbitrary paths, allowing system_server to trigger mounting on directories that shouldn't be under system_server control.

tags | exploit, arbitrary
advisories | CVE-2022-20002
SHA-256 | 6308f611ecd07bd987f8455171c29a25eff87e81ccf2cc8daeca7812645ea262
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close