CVE Alert: CVE-2025-24014
Vulnerability Summary: CVE-2025-24014
Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn’t show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn’t been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.
Affected Endpoints:
No affected endpoints listed.
Published Date:
1/20/2025, 11:15:07 PM
⚠️ CVSS Score:
Exploit Status:
Not ExploitedReferences:
- https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919
- https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955
Recommended Action:
No proposed action available. Please refer to vendor documentation for updates.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
