Unrated severity · NVD Advisory · Published Feb 17, 2022 · Updated Aug 2, 2024

Stack-based Buffer Overflow in vim/vim

CVE-2022-0629

Description

A stack-based buffer overflow in vim prior to 8.2 allows arbitrary code execution via a crafted file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A stack-based buffer overflow vulnerability exists in vim versions prior to 8.2. The bug resides in the core text processing logic, potentially triggered by opening a specially crafted file.

Exploitation

An attacker can exploit this by crafting a malicious file that, when opened in vim, overflows a stack buffer. No special privileges are required; the victim simply needs to open the file with vim.

Impact

Successful exploitation could lead to denial of service or, depending on the payload, to arbitrary code execution at the privilege level of the user running vim.

Mitigation

The vulnerability is fixed in vim version 8.2 and later. Gentoo Linux recommends upgrading to vim-9.0.0060 or later [4]. Users should update their vim installation accordingly. No known workarounds exist.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 3

Patches: 0

No patches discovered yet.

References: 9
