Updated: 2025-08-29 16:48:32.376566
Description:
Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a GUI version of Vim by feeding some binary characters to Vim. That function may trigger a redraw, which will access the ScreenLines pointer even though this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.
Links: NIST | CIRCL | RHEL | Ubuntu

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0.0 |
| CVSS Version 3.x | MEDIUM | 5.5 |

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | vim | 8.2.2637 | 5.5 | MEDIUM | Ignored | | 2025-09-10 13:44:43 | This is a local, high‑complexity, user‑interaction issue that only triggers when Vim is run in t... |
| CentOS 6 ELS | vim | 7.4.629 | 5.5 | MEDIUM | Ignored | | 2025-09-10 13:44:42 | Ignored due to low severity |
| CentOS 7 ELS | vim | 7.4.629 | 5.5 | MEDIUM | Ignored | | 2025-09-10 13:44:43 | Ignored due to low severity |
| Debian 10 ELS | vim | 8.1.0875 | 5.5 | MEDIUM | Ignored | | 2025-10-11 00:16:49 | Ignored due to low severity |
| Oracle Linux 6 ELS | vim | 7.4.629 | 5.5 | MEDIUM | Ignored | | 2025-09-10 13:44:44 | Ignored due to low severity |
| Oracle Linux 7 ELS | vim | 7.4.629 | 5.5 | MEDIUM | Ignored | | 2025-10-07 16:39:28 | Ignored due to low severity |
| TuxCare 9.6 ESU | vim | 8.2.2637 | 5.5 | MEDIUM | Released | CLSA-2026:1767712744 | 2026-01-06 16:19:52 | This flaw is local-only and requires starting Vim in silent Ex mode (-s -e) and feeding crafted bina... |
| Ubuntu 16.04 ELS | vim | 7.4.1689-3 | 5.5 | MEDIUM | Released | CLSA-2025:1762455549 | 2025-11-07 00:14:30 | |