CVE-2024-45306

MEDIUM EPSS 21.4%
Published Sep 2, 2024 (1y ago) · Modified Jun 17, 2026 (2w ago)
5.5 CVSS 3.1
Medium

Description

Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop was unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at the specified cursor position. It's not quite clear yet what can lead to this situation where the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed with patch v9.1.0707. All users are advised to upgrade.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
21.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-122 Heap-based Buffer Overflow (Memory Safety)
CWE-787 Out-of-bounds Write (Memory Safety)

Affected Products 1

Vendor   Product   Version   Range
vim      vim       *         ≥9.1.0038  –  <9.1.0707

References 4

  • github.com https://github.com/vim/vim/commit/396fd1ec2956307755392a1
    Patch
  • github.com https://github.com/vim/vim/releases/tag/v9.1.0038
    Release Notes
  • github.com https://github.com/vim/vim/security/advisories/GHSA-wxf9-c5gx-qrwr
    Third Party Advisory
  • security.netapp.com https://security.netapp.com/advisory/ntap-20241004-0007/

Remediation

  • github.com https://github.com/vim/vim/commit/396fd1ec2956307755392a1
    Patch