Your submission was sent successfully! Close

CVE-2021-4166

Published: 25 December 2021

vim is vulnerable to Out-of-bounds Read

Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
vim
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

hirsute Ignored
(reached end-of-life)
impish Needed

jammy Not vulnerable
(2:8.2.3995-1ubuntu2)
trusty Needed

upstream
Released (8.2.3884)
xenial Needed

Notes

AuthorNote
ccdm94
code in bionic and earlier does not include file src/arglist.c,
which is the patched file. However, the patched code, as seen in
commit 4ad62155a10, seems to be instead present in src/buffer.c
for the previously mentioned group of releases.

References

Bugs