Login Sign Up

CVE-2022-2182

7.8 HIGH
Buffer Overflow

📋 TL;DR

CVE-2022-2182 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. Anyone using vulnerable Vim versions is affected.

💻 Affected Systems

Products:
  • Vim
Versions: All versions prior to 8.2
Operating Systems: Linux, Unix-like systems, Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Vim installations are vulnerable if using affected versions.

📦 What is this software?

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Vim by Vim

View all CVEs affecting Vim →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the Vim user, potentially leading to full system compromise.

🟠

Likely Case

Local privilege escalation or arbitrary code execution when users open malicious files.

🟢

If Mitigated

Limited impact if Vim runs in sandboxed environments or with restricted privileges.

🌐 Internet-Facing: LOW - Vim is typically not directly internet-facing.
🏢 Internal Only: MEDIUM - Internal users could be targeted via malicious files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening a malicious file). Proof-of-concept exists in public repositories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Vim 8.2 and later

Vendor Advisory: https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e

Restart Required: No

Instructions:

1. Update Vim using your system's package manager. 2. For Linux: 'sudo apt update && sudo apt upgrade vim' (Debian/Ubuntu) or 'sudo yum update vim' (RHEL/CentOS). 3. For Windows/macOS: Download latest version from vim.org. 4. Verify version with 'vim --version'.

🔧 Temporary Workarounds

Restrict file access

all

Limit Vim usage to trusted files only

Use alternative editor

all

Temporarily use nano, emacs, or other editors

🧯 If You Can't Patch

  • Run Vim with reduced privileges (non-root user)
  • Implement application allowlisting to restrict Vim execution

🔍 How to Verify

Check if Vulnerable:

Run 'vim --version' and check if version is below 8.2

Check Version:

vim --version | head -1

Verify Fix Applied:

Run 'vim --version' and confirm version is 8.2 or higher

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault or crash logs from Vim processes
  • Unusual file access patterns from Vim

Network Indicators:

  • File downloads followed by Vim execution

SIEM Query:

process_name:vim AND (event_type:crash OR exit_code:139)

📊 Metadata

CVE ID: CVE-2022-2182
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-122
Published: June 23, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-2182, you might also want to check these:

CVE-2021-21940 10.0

A heap-based buffer overflow vulnerability in Anker Eufy Homebase 2's RTSP handling allows remote co...

Same vulnerability type (CWE-122)
CVE-2023-45318 10.0

This critical vulnerability allows remote attackers to execute arbitrary code on systems running Wes...

Same vulnerability type (CWE-122)
CVE-2025-23123 10.0

A heap buffer overflow vulnerability in UniFi Protect Camera firmware allows remote code execution. ...

Same vulnerability type (CWE-122)