Alpine: vim: security update to 9.1.0707-r0

medium Tenable Self-Hosted Container Security Plugin ID 408500

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Vim is an open source command line text editor. When performing a search and displaying the search-count
message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer
(msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by
allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated
will be smaller than the original allocated buffer (because for allocating the reversed buffer, the
strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original
length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the
previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.
(CVE-2024-43790)

- Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the
current position in the typeahead buffer but does not check whether there is enough space left in the
buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable
to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g.
ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before
advancing the off position. If not, fall back to flush current typebuf contents. It's not quite clear yet,
what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to
flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the
off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to
have several mappings active and run into some error condition. But when this happens, this will cause a
crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no
known workarounds for this issue. (CVE-2024-43802)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-43790

https://security.alpinelinux.org/vuln/CVE-2024-43802

Plugin Details

Severity: Medium

ID: 408500

Version: Revision 1.10

Type: Local

Published: 9/3/2024

Updated: 12/19/2025

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-43790

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/22/2024

Reference Information

CVE: CVE-2024-43790, CVE-2024-43802

IAVA: 2024-A-0526-S