PT-2025-5260 · Vim+6

Fizz-Is-On-The-Way · Published 2025-01-20 · Updated 2025-10-09 · CVE-2025-24014

CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions

Vim versions prior to 9.1.1043

Description

A segmentation fault was found in Vim. In silent Ex mode (-s -e), Vim typically doesn't show a screen and operates silently in batch mode. However, it is still possible to trigger the function that handles scrolling in the GUI version of Vim by feeding some binary characters to Vim. That function may trigger a redraw, which accesses the ScreenLines pointer even though this variable hasn't been allocated.

Recommendations

For Vim versions prior to 9.1.1043, update to version 9.1.1043 or later to resolve the issue. As a temporary workaround, consider avoiding the use of silent Ex mode (-s -e) until the update is applied.
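
One way to audit hosts against the fixed version named above, as an added example that is not part of the original advisory. It parses saved `vim --version` output; the sample banners are constructed, and it assumes "9.1.1043 or later" means either a later major.minor release or a 9.1 build whose "Included patches" line covers patch 1043.

```python
import re

FIXED = (9, 1, 1043)  # first fixed version according to the advisory


def parse_vim_version(text):
    """Return ((major, minor), [(lo, hi), ...]) from `vim --version` output."""
    banner = re.search(r"Vi IMproved (\d+)\.(\d+)", text)
    if not banner:
        raise ValueError("no Vim version banner found")
    release = (int(banner.group(1)), int(banner.group(2)))
    ranges = []
    patches = re.search(r"^Included patches:\s*(.+)$", text, re.MULTILINE)
    if patches:
        # The line may mix ranges and single patches, e.g. "1-16, 647, 678".
        for item in patches.group(1).split(","):
            item = item.strip()
            if not item:
                continue
            lo, _, hi = item.partition("-")
            ranges.append((int(lo), int(hi or lo)))
    return release, ranges


def is_fixed(text):
    """True if the build is a later release or a 9.1 build with patch 1043."""
    release, ranges = parse_vim_version(text)
    if release != FIXED[:2]:
        return release > FIXED[:2]
    return any(lo <= FIXED[2] <= hi for lo, hi in ranges)


# Constructed sample outputs (not captured from real hosts).
BANNER = "VIM - Vi IMproved {} (2024 Jan 02, compiled Jan 20 2025 10:00:00)\n"
SAMPLES = {
    "patched-9.1": BANNER.format("9.1") + "Included patches: 1-1043\n",
    "one-short": BANNER.format("9.1") + "Included patches: 1-1042\n",
    "sparse-list": BANNER.format("9.1") + "Included patches: 1-16, 647, 678, 697\n",
    "old-release": BANNER.format("8.2") + "Included patches: 1-5172\n",
    "later-release": BANNER.format("9.2"),
}

if __name__ == "__main__":
    for name, output in SAMPLES.items():
        state = "fixed" if is_fixed(output) else "VULNERABLE"
        print(f"{name}: {state}")
```

A distribution package can carry a backported fix without listing patch 1043, so a "VULNERABLE" result on a distro build should be confirmed against the vendor advisory for that package.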

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

ALT-PU-2025-5044
ALT-PU-2025-5579
ALT-PU-2025-5591
AZL-55815
AZL-55818
BDU:2025-01409
CVE-2025-24014
ECHO-A83C-9ABD-3789
GHSA-J3G9-WG22-V955
MGASA-2025-0038
OESA-2025-1136
OPENSUSE-SU-2025_0723-1
SUSE-SU-2025:0722-1
SUSE-SU-2025:0723-1
SUSE-SU-2025:0724-1
SUSE-SU-2025:20128-1
SUSE-SU-2025_0722-1
SUSE-SU-2025_0723-1
USN-7261-1
USN-7261-2
USN-7815-1

Affected Products

Alt Linux
Debian
Linuxmint
Red Os
Suse
Ubuntu
Vim