VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 2, 2022· Updated Apr 23, 2025

Use After Free in vim/vim

CVE-2022-3591

Description

A use-after-free vulnerability in Vim's dummy buffer handling allows denial of service via crafted autocommands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A use-after-free vulnerability in Vim's dummy buffer handling allows denial of service via crafted autocommands.

Vulnerability

A use-after-free vulnerability exists in the buffer handling code of Vim prior to version 9.0.0789 [1]. The flaw is located in the do_buffer_ext function, which fails to prevent navigation to a buffer flagged as BF_DUMMY. When an autocommand triggers a window split or goto on a dummy buffer, the freed buffer can be accessed, leading to a use-after-free condition [1][2].

Exploitation

An attacker can exploit this vulnerability by configuring autocmd events—specifically BufReadPre—to execute a command such as sbuf (split buffer) with the current buffer number. The sequence requires the attacker to create a file with a correct quickfix entry name and then open it, causing Vim to attempt a split on the dummy buffer. The attacker does not need authenticated access but does need the ability to load a prepared file or trigger an autocmd scenario [1].

Impact

Successful exploitation results in denial of service due to a use-after-free, potentially causing Vim to crash or behave unpredictably. The vulnerability does not appear to allow arbitrary code execution based on the available references; the primary outcome is a crash or hang of the editor [2].

Mitigation

The fix was released in Vim version 9.0.0789, available via the official patch repository [1]. Gentoo has released an updated package (>=app-editors/vim-9.0.1157) to address this and other vulnerabilities [2]. Users should update to the latest version; no known workaround exists aside from applying the patch [2].

References
  1. patch 9.0.0789: dummy buffer ends up in a window · vim/vim@8f3c3c6
  2. Multiple Vulnerabilities (GLSA 202305-16) — Gentoo security

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

38

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.