TencentOS Server 4: vim (TSSA-2024:1005)

high Nessus Plugin ID 239012

Synopsis

The remote TencentOS Server 4 host is missing one or more security updates.

Description

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1005 advisory.

Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

CVE-2023-4736:
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.

CVE-2023-5441:
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.

CVE-2023-4752:
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.

CVE-2023-4738:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

CVE-2023-4781:
Use After Free in GitHub repository vim/vim prior to 9.0.1858.

CVE-2023-4733:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.

CVE-2023-4734:
Use After Free in GitHub repository vim/vim prior to 9.0.1840.

CVE-2023-5535:
Use After Free in GitHub repository vim/vim prior to 9.0.1857.

CVE-2023-4750:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.

CVE-2023-5344:
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.

CVE-2023-4735:
Use After Free in GitHub repository vim/vim prior to v9.0.2010.

CVE-2023-1170:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.

CVE-2023-1175:
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.

CVE-2023-1264:
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.

CVE-2023-1355:
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.

CVE-2023-2426:
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.

CVE-2023-2609:
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.

CVE-2023-2610:
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.

CVE-2023-3896:
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3

CVE-2023-46246:
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value, causing an Integer Overflow and potentially later a use-after-free. This vulnerability has been patched in version 9.0.2068.

CVE-2021-3236:
vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.

CVE-2022-2289:
Use After Free in GitHub repository vim/vim prior to 9.0.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://mirrors.tencent.com/tlinux/errata/tssa-20241005.xml

Plugin Details

Severity: High

ID: 239012

File Name: tencentos_TSSA_2024_1005.nasl

Version: 1.2

Type: local

Published: 6/16/2025

Updated: 11/20/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-2289

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2023-5535

Vulnerability Information

CPE: p-cpe:/a:tencent:tencentos_server:vim, cpe:/o:tencent:tencentos_server:4

Required KB Items: Host/local_checks_enabled, Host/etc/os-release, Host/TencentOS/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/2/2024

Vulnerability Publication Date: 12/2/2024

Reference Information

CVE: CVE-2021-3236, CVE-2022-2289, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-1355, CVE-2023-2426, CVE-2023-2609, CVE-2023-2610, CVE-2023-3896, CVE-2023-46246, CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535