ALAS-2023-1837

Amazon Linux 1 (EOL) Security Advisory: ALAS-2023-1837
Advisory Released Date: 2023-10-03
Advisory Updated Date: 2023-10-06

Severity: Important

References: CVE-2023-4733 CVE-2023-4750 CVE-2023-4752
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Use After Free in GitHub repository vim/vim prior to 9.0.1840. (CVE-2023-4733)

Use After Free in GitHub repository vim/vim prior to 9.0.1857. (CVE-2023-4750)

Use After Free in GitHub repository vim/vim prior to 9.0.1858. (CVE-2023-4752)

Affected Packages:

vim

Issue Correction:
Run yum update vim to update your system.

New Packages:

i686:
    vim-enhanced-9.0.1712-1.83.amzn1.i686
    vim-debuginfo-9.0.1712-1.83.amzn1.i686
    vim-common-9.0.1712-1.83.amzn1.i686
    xxd-9.0.1712-1.83.amzn1.i686
    vim-minimal-9.0.1712-1.83.amzn1.i686

noarch:
    vim-filesystem-9.0.1712-1.83.amzn1.noarch
    vim-data-9.0.1712-1.83.amzn1.noarch

src:
    vim-9.0.1712-1.83.amzn1.src

x86_64:
    vim-minimal-9.0.1712-1.83.amzn1.x86_64
    vim-enhanced-9.0.1712-1.83.amzn1.x86_64
    vim-common-9.0.1712-1.83.amzn1.x86_64
    vim-debuginfo-9.0.1712-1.83.amzn1.x86_64
    xxd-9.0.1712-1.83.amzn1.x86_64

Additional References

Red Hat: CVE-2023-4733, CVE-2023-4750, CVE-2023-4752

Mitre: CVE-2023-4733, CVE-2023-4750, CVE-2023-4752