Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-3974

Published: 19 November 2021

vim is vulnerable to Use After Free

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
vim Launchpad, Ubuntu, Debian	bionic	Released (2:8.0.1453-1ubuntu1.8)
	focal	Released (2:8.1.2269-1ubuntu5.6)
	hirsute	Ignored (reached end-of-life)
	impish	Released (2:8.2.2434-3ubuntu3.2)
	jammy	Not vulnerable (2:8.2.3995-1ubuntu2.1)
	kinetic	Not vulnerable (2:9.0.0242-1ubuntu1)
	trusty	Needed
	upstream	Released (v8.2.3612)
	xenial	Released (2:7.4.1689-3ubuntu1.5+esm4)
	Patches: upstream: https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6

References

Bugs

https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading