CVE-2025-24014

Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.2 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
GitHub_MCNA
4.2 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Debian logo
Debian Releases
Debian Product
Codename
vim
bullseye
unimportant
bullseye (security)
unimportant
bookworm
unimportant
sid
2:9.1.1230-2
fixed
trixie
2:9.1.1230-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vim
plucky
Fixed 2:9.1.0967-1ubuntu4
released
oracular
Fixed 2:9.1.0496-1ubuntu6.4
released
noble
Fixed 2:9.1.0016-1ubuntu7.7
released
jammy
Fixed 2:8.2.3995-1ubuntu2.23
released
focal
Fixed 2:8.1.2269-1ubuntu5.31
released
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
Common Weakness Enumeration
References
https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919
https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955
http://www.openwall.com/lists/oss-security/2025/01/20/4
http://www.openwall.com/lists/oss-security/2025/01/21/1
https://security.netapp.com/advisory/ntap-20250314-0005/