NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Vim
  • Vim
Apple
  • Macos
Fedoraproject
  • Fedora

Configuration 1 [-]

cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
References
Link Resource
http://seclists.org/fulldisclosure/2022/Oct/28
http://seclists.org/fulldisclosure/2022/Oct/41 Mailing List Third Party Advisory
https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f Patch Third Party Advisory
https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51 Exploit Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/
https://security.gentoo.org/glsa/202208-32 Third Party Advisory
https://security.gentoo.org/glsa/202305-16
https://support.apple.com/kb/HT213488 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2022-05-08T00:00:00

Updated: 2023-05-03T00:00:00

Reserved: 2022-05-07T00:00:00

Link: CVE-2022-1620

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2022-05-08T11:15:07.880

Modified: 2023-11-07T03:42:03.080

Link: CVE-2022-1620

JSON object: View

cve-icon Redhat Information

No data.

CWE