ubuntu.com
2620:2d:4000:1::26  Public Scan

Submitted URL: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-2000.html
Effective URL: https://ubuntu.com/security/CVE-2022-2000
Submission: On January 02 via api from SG — Scanned from GB

Form analysis 1 forms found in the DOM

/search

<form action="/search" class="p-search-box" id="ubuntu-global-search-form">
  <input type="search" class="p-search-box__input" name="q" placeholder="Search our sites" required="" aria-label="Search our sites">
  <button type="reset" class="p-search-box__reset"><i class="p-icon--close">Close</i></button>
  <button type="submit" class="p-search-box__button"><i class="p-icon--search">Search</i></button>
</form>

Text Content


CVE-2022-2000

Published: 9 June 2022

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.


PRIORITY

Medium


CVSS 3 SEVERITY SCORE

7.8


STATUS

Package: vim (Launchpad, Ubuntu, Debian)

Release    Status
bionic     Released (2:8.0.1453-1ubuntu1.13+esm7)
           Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
focal      Released (2:8.1.2269-1ubuntu5.21)
upstream   Needs triage
impish     Ignored (end of life)
lunar      Not vulnerable (2:9.0.1000-4ubuntu3.2)
kinetic    Ignored (end of life, was needs-triage)
mantic     Not vulnerable (2:9.0.1672-1ubuntu2.1)
jammy      Released (2:8.2.3995-1ubuntu2.15)



SEVERITY SCORE BREAKDOWN

Parameter            Value
Base score           7.8
Attack vector        Local
Attack complexity    Low
Privileges required  None
User interaction     Required
Scope                Unchanged
Confidentiality      High
Integrity impact     High
Availability impact  High
Vector               CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H


REFERENCES

 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2000
 * https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0
 * https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5
   (v8.2.5063)
 * https://ubuntu.com/security/notices/USN-5516-1
 * https://ubuntu.com/security/notices/USN-6557-1
 * NVD
 * Launchpad
 * Debian


© 2024 Canonical Ltd. Ubuntu and Canonical are registered trademarks of
Canonical Ltd.
