vulnerability
Ubuntu: USN-6557-1 (CVE-2023-48237): Vim vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:S/C:N/I:N/A:P) | Nov 16, 2023 | Dec 19, 2023 | Apr 16, 2026 |
Severity
2
CVSS
(AV:L/AC:M/Au:S/C:N/I:N/A:P)
Published
Nov 16, 2023
Added
Dec 19, 2023
Modified
Apr 16, 2026
Description
Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Solutions
ubuntu-pro-upgrade-vimubuntu-pro-upgrade-vim-athenaubuntu-pro-upgrade-vim-gtkubuntu-pro-upgrade-vim-gtk3ubuntu-pro-upgrade-vim-noxubuntu-pro-upgrade-vim-tinyubuntu-pro-upgrade-xxdubuntu-upgrade-vimubuntu-upgrade-vim-athenaubuntu-upgrade-vim-gtkubuntu-upgrade-vim-gtk3ubuntu-upgrade-vim-noxubuntu-upgrade-vim-tinyubuntu-upgrade-xxd
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.