vulnerability

Amazon Linux AMI 2: CVE-2024-22667: Security patch for vim (ALAS-2024-2452)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Feb 5, 2024	Feb 21, 2024	Feb 10, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Feb 5, 2024

Added

Feb 21, 2024

Modified

Feb 10, 2025

Description

Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

Solutions

amazon-linux-ami-2-upgrade-vim-commonamazon-linux-ami-2-upgrade-vim-dataamazon-linux-ami-2-upgrade-vim-debuginfoamazon-linux-ami-2-upgrade-vim-enhancedamazon-linux-ami-2-upgrade-vim-filesystemamazon-linux-ami-2-upgrade-vim-minimalamazon-linux-ami-2-upgrade-vim-x11amazon-linux-ami-2-upgrade-xxd

References

AMAZON-AL2/ALAS-2024-2452
CVE-2024-22667
https://attackerkb.com/topics/CVE-2024-22667

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today