CVE-2023-48232: Floating Point Exception in Vim with Smooth Scrolling and Overlong Lines

Vim is a widely used open-source command-line text editor that supports various programming languages and file formats. A recently discovered vulnerability, assigned the CVE number CVE-2023-48232, has been found to cause a floating point exception under specific circumstances. This vulnerability affects users with non-default settings and could potentially lead to crashes.

Vulnerability Details

The floating point exception vulnerability occurs when calculating the line offset for overlong lines while smooth scrolling is enabled, and the cpo-settings include the 'n' flag. This issue appears when a window border is present, and the wrapped line continues directly onto the next physical line within the window border. Note that this vulnerability only affects users with non-default settings.

The following code snippet highlights the affected code

/* Calculate the line offset for smooth scrolling and overlong lines */
if (curwin->w_p_wrap && curwin->w_p_wrap && (*p_cpo == 'n'))
{
    int line_off = compute_line_offset(...);
    float f = line_off * curwin->w_scroll_fraction;
    int off = round(f);

    if (off != )
    {
        /* (rest of the code) */
    }
}

The floating point exception arises from the division by zero that occurs when calculating the line offset for smooth scrolling under the specific conditions mentioned above.

Resolution

Vim developers have successfully addressed this vulnerability in commit cbb99f. The fix has been included in the release version 9..2107. Users are strongly advised to upgrade to this version to avoid any potential issues.

Here's the link to the original commit on GitHub: cbb99f

As of now, there are no known workarounds for this issue, so upgrading to the patched version remains the best solution.

Summary

CVE-2023-48232 is a floating point exception vulnerability affecting the Vim text editor under specific conditions involving smooth scrolling, overlong lines, and non-default settings. The vulnerability has been addressed in Vim release 9..2107, and upgrading to this version is highly recommended to ensure security and stability.

Timeline

Published on: 11/16/2023 23:15:08 UTC
Last modified on: 01/25/2024 21:37:57 UTC