VULHUB ™

Vim is an enhanced version of the popular text editor vi. A race condition vulnerability exists in the swap file mechanism used by the 'vim' program. The error occurs when a swap file name for a file being opened is symbolically linked to a non-existent file. By conjecturing the name of a file to be edited by another user, it may be possible for a local user to create a malicious symbolic link to a non-existent file. This could cause the new target file to be created with the permissions of the user running vim.

Vim is an enhanced version of the popular text editor vi. A race condition vulnerability exists in the swap file mechanism used by the 'vim' program. The error occurs when a swap file name for a file being opened is symbolically linked to a non-existent file. By conjecturing the name of a file to be edited by another user, it may be possible for a local user to create a malicious symbolic link to a non-existent file. This could cause the new target file to be created with the permissions of the user running vim.