CVE-2024-45306

4.5 MEDIUM

📋 TL;DR

A heap buffer overflow in the Vim text editor occurs when the cursor position becomes invalid and points beyond the end of a line, potentially crashing the program. This affects all users running vulnerable Vim versions who open or edit files. The vulnerability stems from an optimization in patch v9.1.0038 that removed cursor position validation.

💻 Affected Systems

Products:
  • Vim text editor
Versions: Vim versions between v9.1.0038 and v9.1.0706 inclusive
Operating Systems: All operating systems running Vim (Linux, macOS, Windows, BSD)
Default Config Vulnerable: ⚠️ Yes
Notes: All Vim installations with affected versions are vulnerable regardless of configuration

⚠️ Risk & Real-World Impact

🔴 Worst Case: Arbitrary code execution leading to full system compromise if heap overflow can be controlled to execute malicious code

🟠 Likely Case: Program crash (segmentation fault) when accessing invalid memory locations

🟢 If Mitigated: No impact if patched version is used or vulnerable Vim instances are not processing untrusted files

🌐 Internet-Facing: LOW - Vim is typically not exposed to internet-facing services
🏢 Internal Only: MEDIUM - Internal users may crash Vim when editing files, but exploitation for code execution requires specific conditions

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Trigger conditions are unclear and require specific cursor positioning scenarios

No public exploit available. The advisory states 'It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position.'

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v9.1.0707

Vendor Advisory: https://github.com/vim/vim/security/advisories/GHSA-wxf9-c5gx-qrwr

Restart Required: No

Instructions:

1. Download latest Vim from https://github.com/vim/vim/releases
2. Compile and install following standard build procedures
3. For package managers: Use system update commands (apt upgrade vim, yum update vim, brew upgrade vim)

🔧 Temporary Workarounds

  • Use alternative text editor (all): Temporarily use nano, emacs, or other text editors until Vim is patched
  • Restrict Vim usage (all): Limit Vim usage to trusted files and environments only

🧯 If You Can't Patch

  • Monitor for Vim crash events in system logs
  • Implement application allowlisting to restrict Vim execution in sensitive environments

🔍 How to Verify

Check if Vulnerable:

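Run 'vim --version' and check if the version is between 9.1.0038 and 9.1.0706. The first line of the output gives the release (9.1); the patch level is on the 'Included patches:' line.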

Check Version:

vim --version | grep -E '^(VIM - Vi IMproved|Included patches)'

Verify Fix Applied:

Run 'vim --version' and confirm version is 9.1.0707 or higher
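
The version check above can be scripted for fleet audits. The following is an added example, not part of the advisory or the Vim project: it classifies `vim --version` output by looking for patch 38 (the regression) and patch 707 (the fix) in the "Included patches:" list, including comma-separated lists from builds that carry selected patches. The function names are hypothetical, the sample outputs are constructed, and it assumes the patch list is on a single line.

```shell
#!/bin/sh
# Added example: classify `vim --version` output for CVE-2024-45306.
# Function names are hypothetical; sample outputs below are constructed.

# has_patch LIST N: succeed if N is in a list such as "1-16, 647, 700-710".
has_patch() {
    printf '%s\n' "$1" | tr ',' '\n' | awk -v n="$2" '
        { gsub(/[[:space:]]/, "") }
        /^[0-9]+-[0-9]+$/ { split($0, r, "-"); if (n+0 >= r[1]+0 && n+0 <= r[2]+0) found = 1 }
        /^[0-9]+$/        { if ($0+0 == n+0) found = 1 }
        END { exit(found ? 0 : 1) }'
}

# classify_vim TEXT: print vulnerable | patched | not-affected | unknown.
classify_vim() {
    release=$(printf '%s\n' "$1" |
        sed -n 's/^VIM - Vi IMproved \([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1)
    # Assumption: the whole patch list sits on one "Included patches:" line.
    patches=$(printf '%s\n' "$1" | sed -n 's/^Included patches: *//p' | head -n 1)
    [ -n "$release" ] || { echo unknown; return; }
    if [ "$release" != 9.1 ]; then
        major=${release%%.*}; minor=${release#*.}
        if [ "$major" -gt 9 ] || { [ "$major" -eq 9 ] && [ "$minor" -gt 1 ]; }; then
            echo patched          # releases after 9.1 already contain 9.1.0707
        else
            echo not-affected     # releases before 9.1 never had 9.1.0038
        fi
        return
    fi
    if has_patch "$patches" 707; then echo patched            # fix present
    elif has_patch "$patches" 38; then echo vulnerable        # regression present, fix absent
    else echo not-affected                                    # older than 9.1.0038
    fi
}

SAMPLE_VULN='VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Aug 20 2024 10:00:00)
Included patches: 1-689'
SAMPLE_FIXED='VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Sep 05 2024 10:00:00)
Included patches: 1-707'
SAMPLE_BACKPORT='VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Sep 05 2024 10:00:00)
Included patches: 1-16, 38, 647, 707'

classify_vim "$SAMPLE_VULN"       # vulnerable
classify_vim "$SAMPLE_FIXED"      # patched
classify_vim "$SAMPLE_BACKPORT"   # patched
# Live check: classify_vim "$(vim --version)"
```

A distribution may ship the fix under its own package revision without listing patch 707, so a "vulnerable" result on a vendor build should be confirmed against the package changelog.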

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault crashes in Vim process
  • Core dumps from vim process

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

process_name:vim AND (event_type:crash OR exit_code:139 OR exit_code:11)
