Bug 33504 - vim new security issues including CVE-2024-41957, CVE-2024-43374, CVE-2024-43802
Summary: vim new security issues including CVE-2024-41957, CVE-2024-43374, CVE-2024-43802
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-09-02 11:24 CEST by Nicolas Salguero
Modified: 2024-10-03 09:45 CEST (History)
4 users (show)

See Also:
Source RPM: vim-9.1.411-1.1.mga9.src.rpm
CVE: CVE-2024-41957, CVE-2024-43374, CVE-2024-43802
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Nicolas Salguero 2024-09-02 11:25:12 CEST

CVE: (none) => CVE-2024-41957, CVE-2024-43374
Whiteboard: (none) => MGA9TOO
Source RPM: (none) => vim-9.1.672-2.mga10.src.rpm

Comment 1 Marja Van Waes 2024-09-04 08:47:20 CEST 
Assigning to the registered maintainer.

Assignee: bugsquad => thierry.vignaud
CC: (none) => marja11

Comment 2 Nicolas Salguero 2024-09-07 10:09:20 CEST 
Suggested advisory:
========================

The updated packages fix security vulnerabilities, including:

Use-after-free in tagstack_clear_entry() in Vim < v9.1.0647. (CVE-2024-41957)

Use-after-free in alist_add() in Vim < v9.1.0678. (CVE-2024-43374)

References:
https://openwall.com/lists/oss-security/2024/08/01/1
https://openwall.com/lists/oss-security/2024/08/01/2
https://openwall.com/lists/oss-security/2024/08/15/6
https://openwall.com/lists/oss-security/2024/08/22/3
https://openwall.com/lists/oss-security/2024/08/25/1
https://openwall.com/lists/oss-security/2024/08/31/1
========================

Updated packages in core/updates_testing:
========================
vim-X11-9.1.719-1.mga9
vim-common-9.1.719-1.mga9
vim-enhanced-9.1.719-1.mga9
vim-minimal-9.1.719-1.mga9

from SRPM:
vim-9.1.719-1.mga9.src.rpm

Whiteboard: MGA9TOO => (none)
Status: NEW => ASSIGNED
Source RPM: vim-9.1.672-2.mga10.src.rpm => vim-9.1.411-1.1.mga9.src.rpm
Assignee: thierry.vignaud => qa-bugs
Version: Cauldron => 9

katnatek 2024-09-07 18:43:54 CEST

Keywords: (none) => advisory

Comment 3 Len Lawrence 2024-09-08 12:20:43 CEST 
mga9, x64

Did not try to reproduce the use-after-free issues.
Updated the packages and found no problems with vim.
The usual vi type commands all worked as they should.

Looks OK to me.

Whiteboard: (none) => MGA9-64-OK
CC: (none) => tarazed25

Comment 4 Thomas Andrews 2024-09-09 02:40:26 CEST 
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 5 Mageia Robot 2024-09-09 21:00:49 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0285.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED

Comment 6 Nicolas Salguero 2024-10-03 09:45:55 CEST 
This version also fixed CVE-2024-43802 (fixed since v9.1.0697):
https://ubuntu.com/security/notices/USN-7048-1

Summary: vim new security issues including CVE-2024-41957, CVE-2024-43374 => vim new security issues including CVE-2024-41957, CVE-2024-43374, CVE-2024-43802
CVE: CVE-2024-41957, CVE-2024-43374 => CVE-2024-41957, CVE-2024-43374, CVE-2024-43802
Note You need to log in before you can comment on or make changes to this bug.