Your submission was sent successfully! Close

CVE-2017-1000382

Published: 31 October 2017

VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.

Notes

AuthorNote
leosilva
I could reproduce following openwall steps
after apply the patch community put available
and repeat the steps in openwall I still got
the same bug behaviour so not sure if patch fix it waiting any comment from community
I could confirm with upstream the patch debian put available from upstream doesn't fix the issue
msalvatore
Ignoring this CVE. Bram Moolenar (vim's BDFL) had this to say:
1) The permissions are the same as the original file, and that is exactly how it should be.
2) This is working as intended, Vim does not use umask this way.  Umask is only used by
simple commands such as cp, not by long running processes that deal with many files.
Problem is with the user expectations.
Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
vim
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Ignored
(upstream disputes CVE)
cosmic Ignored
(upstream disputes CVE)
precise Ignored
(upstream disputes CVE)
trusty Ignored
(upstream disputes CVE)
upstream Needs triage

xenial Ignored
(upstream disputes CVE)
zesty Ignored
(reached end-of-life)