{
  "threat_severity" : "Low",
  "public_date" : "2022-08-23T00:00:00Z",
  "bugzilla" : {
    "description" : "vim: use after free in function vim_vsnprintf_typval",
    "id" : "2120993",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2120993"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-416",
  "details" : [ "Use After Free in GitHub repository vim/vim prior to 9.0.0246.", "A flaw was found in vim, where it is vulnerable to a use-after-free in the vim_vsnprintf_typval function. This flaw allows a specially crafted file to crash a program, use unexpected values, or execute code." ],
  "statement" : "To exploit CVE-2022-2946, an attacker must provide a specially crafted file to a user who then opens it using a vulnerable version of Vim. Successful exploitation can lead to arbitrary code execution or cause the application to crash, compromising the system's confidentiality, integrity, and availability.\nBecause user interaction is required and this vulnerability can only be exploited locally, RH ProdSec has set the Impact of this vulnerability to \"Low\".",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-2946\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2946\nhttps://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5" ],
  "name" : "CVE-2022-2946",
  "csaw" : false
}