CVE-2022-2175

7.8 HIGH

📋 TL;DR

CVE-2022-2175 is a buffer over-read vulnerability in the Vim text editor in versions prior to 8.2. It allows an attacker to read memory beyond the bounds of an allocated buffer, potentially exposing sensitive information. Anyone running a vulnerable Vim version is affected.

💻 Affected Systems

Products:
  • Vim text editor
Versions: All versions prior to 8.2
Operating Systems: Linux, Unix-like systems, Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of Vim prior to version 8.2 regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure exposing sensitive data such as passwords, keys, or other memory contents, potentially enabling further attacks.

🟠 Likely Case

Application crash or exposure of limited memory contents, possibly revealing some system information.

🟢 If Mitigated

Minimal impact when proper memory protections and sandboxing are in place.

🌐 Internet-Facing: LOW - Vim is typically not internet-facing software.
🏢 Internal Only: MEDIUM - Could be exploited by malicious users or scripts on systems where Vim is installed.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening a malicious file) or script execution. A proof of concept is available in the referenced commit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.2 and later

Vendor Advisory: https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e

Restart Required: No

Instructions:

1. Update Vim using your package manager: 'sudo apt update && sudo apt upgrade vim' (Debian/Ubuntu) or 'sudo yum update vim' (RHEL/CentOS).
2. For source installations: download Vim 8.2+ from vim.org and compile it.
3. Verify the version with 'vim --version'.

🔧 Temporary Workarounds

Avoid opening untrusted files (applies to: all)

Do not open files from untrusted sources with Vim.

Use alternative text editors (applies to: all)

Temporarily use nano, emacs, or another text editor until Vim is patched.

🧯 If You Can't Patch

  • Restrict Vim usage to trusted users only
  • Implement application allowlisting to control Vim execution

🔍 How to Verify

Check if Vulnerable:

Run 'vim --version' and check whether the reported version is less than 8.2.

Check Version:

vim --version | head -1

Verify Fix Applied:

Run 'vim --version' and confirm the reported version is 8.2 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault or crash logs from Vim processes
  • Unexpected memory access errors in system logs

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

process_name:vim AND (event_type:crash OR error_message:"segmentation fault")
