vim-8.2.2637-23.el9_7.1.ML.1

エラータID: AXSA:2026-384:05

Release date: 
Thursday, April 2, 2026 - 14:24
Subject: 
vim-8.2.2637-23.el9_7.1.ML.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: Vim: Arbitrary code execution via 'helpfile' option processing (CVE-2026-25749)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-25749
Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes (typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been patched in version 9.1.2132.

Solution: 

Update packages.

CVEs: 
CVE-2026-25749
Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes (typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been patched in version 9.1.2132.
Additional Info: 

N/A

Download: 

SRPMS
  1. vim-8.2.2637-23.el9_7.1.ML.1.src.rpm
    MD5: c7811a49e9bf715ab4c1c163aeb1e1f5
    SHA-256: e5828985444ab643f389caf27626fe13f1e466d5c04c43420e985a1441c10819
    Size: 12.22 MB

Asianux Server 9 for x86_64
  1. vim-common-8.2.2637-23.el9_7.1.ML.1.x86_64.rpm
    MD5: 42af244852b69d0660136733a679f425
    SHA-256: df65a60b1fe71f064b2c83bf23260e14fca212336871565dc192fef31a1bb85a
    Size: 6.97 MB
  2. vim-enhanced-8.2.2637-23.el9_7.1.ML.1.x86_64.rpm
    MD5: d7f5536d74147ecb4323e231b26b3b77
    SHA-256: 9a3c1e68de92cfe093a1e98a9479c40be039131292d6bcc68277ee9fa18f363d
    Size: 1.75 MB
  3. vim-filesystem-8.2.2637-23.el9_7.1.ML.1.noarch.rpm
    MD5: fbba15607e56e829cfcbaa21a0489c5f
    SHA-256: 8bf8c053ec0e81869f5ea355097676be37d567a97f3ffc7564a493b8bb8e65d3
    Size: 9.71 kB
  4. vim-minimal-8.2.2637-23.el9_7.1.ML.1.x86_64.rpm
    MD5: f907c4ab8cf6e868a405dd6f4706d75f
    SHA-256: 86c63e8cbf1c783d4e9ad34fa2b03bf20ce0597e8709c6c8bfe23317a22e3dae
    Size: 669.57 kB
  5. vim-X11-8.2.2637-23.el9_7.1.ML.1.x86_64.rpm
    MD5: 4e436046b35315de4d62d81bf70cf69e
    SHA-256: 06137dd419aca9c1c9c4ebb66713e55cb7a8d73fc62ef97aee5088d7cd5527e7
    Size: 1.91 MB