|
|
Subscribe / Log in / New account

Ubuntu alert USN-7815-1 (vim)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7815-1] Vim vulnerabilities


Date:
              Thu, 09 Oct 2025 22:46:01 +0000


Message-ID:
              <E1v6zOb-00079k-Go@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7815-1
October 09, 2025

vim vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Vim could be made to crash if it received specially crafted input.

Software Description:
- vim: Vi IMproved - enhanced vi editor

Details:

It was discovered that Vim incorrectly handled certain internal calls when
scrolling a window. An attacker could possibly use this issue to cause a
denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  vim                             2:8.0.1453-1ubuntu1.13+esm13
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  vim                             2:7.4.1689-3ubuntu1.5+esm28
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  vim                             2:7.4.052-1ubuntu3.1+esm22
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7815-1
  CVE-2025-24014




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmjoNwkACgkQcpJm3tlz
hgEkvQ//a6w5CIjQiLD3/R3FpCxpya/lM6G4/lECzBodI8rrDDMDiqRrp44zDlAE
uSE/a9UGXwgmo609A/Pz+N+vNzkVjaY8BDSgiRq2GcH2CglRp3c6WyKTjhgp0CM6
o8uToj/SluBuzQ0ZAiMbDph68lrFd1OsljeyNXgqNt3rJOb4w4fMnV+TxyQmscS5
8KsTBMsxuNLjGw0yT7SJWNA0UFQgMb3L+gsaVVehNuLbdJGHhXBznfeeqS4G1sij
6Yxmf2xPx/S6Xosa9W7JvWjjb93sxr9n1esxr0PGkhQV2Tf2Z3wWdEjKUgNvZgsh
E+otbqDJPT34xIOYYrVVJreU1TELkUEvlURzB90IfnsKJlcYmoD8hvTZ3lxAqYOk
UuvInNXOxbNtYTr+ryNwoRL7ZXYDaYlppZPx/fxvbkQSMvYt5etcAWRxJeLDcGDN
iHBnfaA7mjnx2PEVLQgGgb+zLH6w+gtW6X2QMV/OpF4SUOOvIavN+iHpUwlM1hGr
1YX1ic+oNR36dGfaVrm7TCHkXEheMi2vk0pmci0vbLbztMJbe+k14TS0CIJiNhlg
7mOPWC8u1S1VPbWI2LhVWdUeCZoBlItKOVyoZ2Zop+9LePGFcP053/TqzhGL5qgi
HhpYTA0ZEkwBVjKOv6WQvekujxcRvKPkbl1CucBn5UbWrdZS9Qk=
=NdBB
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds