← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

PublicDateAtUSN: 2016-11-23
Candidate: CVE-2016-1248
PublicDate: 2016-11-23
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1248
 http://openwall.com/lists/oss-security/2016/11/22/20
 https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog
 https://github.com/vim/vim/releases/tag/v8.0.0056
 https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html
 https://lists.debian.org/debian-security-announce/2016/msg00305.html
 http://www.ubuntu.com/usn/usn-3139-1
Description:
 vim before patch 8.0.0056 does not properly validate values for the
 'filetype', 'syntax' and 'keymap' options, which may result in the
 execution of arbitrary code if a file with a specially crafted modeline is
 opened.
Ubuntu-Description:
 Florian Larysch discovered that the Vim text editor did not properly
 validate values for the 'filetype', 'syntax', and 'keymap' options.
 An attacker could trick a user into opening a file with specially
 crafted modelines and possibly execute arbitrary code with the
 user's privileges.
Notes:
Bugs:
Priority: medium
Discovered-by: Florian Larysch
Assigned-to:

Patches_vim:
 upstream: https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
upstream_vim: released (2:8.0.0095-1)
precise_vim: released (2:7.3.429-2ubuntu2.2)
precise/esm_vim: released (2:7.3.429-2ubuntu2.2)
trusty_vim: released (2:7.4.052-1ubuntu3.1)
vivid/stable-phone-overlay_vim: ignored (reached end-of-life)
vivid/ubuntu-core_vim: needed
xenial_vim: released (2:7.4.1689-3ubuntu1.2)
yakkety_vim: released (2:7.4.1829-1ubuntu2.1)
zesty_vim: not-affected (2:8.0.0095-1ubuntu2)
devel_vim: not-affected (2:8.0.0095-1ubuntu2)

Patches_neovim:
 upstream: https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040
upstream_neovim: released (0.1.6-4)
precise_neovim: DNE
precise/esm_neovim: DNE
trusty_neovim: DNE
vivid/stable-phone-overlay_neovim: DNE
vivid/ubuntu-core_neovim: DNE
xenial_neovim: DNE
yakkety_neovim: DNE
zesty_neovim: not-affected (0.1.6-5)
devel_neovim: not-affected (0.1.6-5)