CVE-2025-1215

EUVD-2025-2085
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.8 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
vimvim
𝑥
< 9.1.1097
netappbootstrap_os
-
𝑥
= Vulnerable software versions
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gvim
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
vim
suse enterprise desktop 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise desktop 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
suse enterprise server 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP7
9.1.1101-150500.20.21.1
fixed
vim-data
suse enterprise desktop 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise desktop 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
suse enterprise server 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP7
9.1.1101-150500.20.21.1
fixed
vim-data-common
suse enterprise desktop 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise desktop 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
suse enterprise server 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP7
9.1.1101-150500.20.21.1
fixed
vim-small
suse enterprise desktop 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise desktop 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise sap 15 SP7
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
suse enterprise server 15 SP6
9.1.1101-150500.20.21.1
fixed
suse enterprise server 15 SP7
9.1.1101-150500.20.21.1
fixed
xxd
suse enterprise server 15 SP4
9.1.1101-150000.5.69.1
fixed
Common Weakness Enumeration
References
https://github.com/vim/vim/commit/c5654b84480822817bb7b69ebc97c174c91185e9
https://github.com/vim/vim/issues/16606
https://github.com/vim/vim/releases/tag/v9.1.1097
https://vuldb.com/?ctiid.295174
https://vuldb.com/?id.295174
https://vuldb.com/?submit.497546
https://security.netapp.com/advisory/ntap-20250321-0005/
https://github.com/vim/vim/issues/16606
https://vuldb.com/?submit.497546