CVE-2025-1215

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions vim versions prior to 9.1.1097

Description A problematic issue has been found in vim, affecting unknown code in the src/main.c file. The manipulation of the --log argument leads to memory corruption, allowing an attack to be launched on the local host.

Recommendations For versions prior to 9.1.1097, upgrade to version 9.1.1097 to address this issue. As a temporary workaround, consider avoiding the use of the --log argument until the update is applied.

Exploit

Fix

Use After Free

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-119

Related Identifiers

AZL-56708

AZL-56770

BDU:2025-03287

BDU:2025-03299

CVE-2025-1215

ECHO-DBE6-D80F-0B2E

OESA-2025-1231

OPENSUSE-SU-2025_0723-1

SUSE-SU-2025:0722-1

SUSE-SU-2025:0723-1

SUSE-SU-2025:0724-1

SUSE-SU-2025:20128-1

SUSE-SU-2025_0722-1

SUSE-SU-2025_0723-1

USN-7419-1

Affected Products

Debian

Linuxmint

Red Os

Suse

Ubuntu

Vim

CVE-2025-1215

Weakness Enumeration

Related Identifiers

Affected Products

References · 63