CVE-2025-24014

CVSS 3.1 Score 4.2 of 10 (medium)

Details

Published Jan 20, 2025
Updated: Jan 21, 2025
CWE ID 787

Summary

CVE-2025-24014 is a vulnerability affecting Vim, an open-source text editor, before version 9.1.1043. In silent Ex mode, which is used for batch processing, Vim normally runs without displaying a screen. However, if binary characters are fed to Vim in this mode, they can trigger a function responsible for scrolling in a graphical version of Vim. Even though no screen exists, that function may cause a redraw, which then attempts to access the unallocated ScreenLines pointer. The result can be a segmentation fault. The vulnerability is mitigated in Vim version 9.1.1043.
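To check a host against the fixed version named above, the following added example (not part of the original entry and not Vim project code) classifies the output of `vim --version`. It assumes the usual banner line `VIM - Vi IMproved X.Y` and a single-line `Included patches:` list; the function name and sample input are constructed for illustration.

```shell
#!/bin/sh
# Classify `vim --version` output (read on stdin) against patch 9.1.1043.
# Prints "patched", "vulnerable" or "unknown" (no version banner found).
vim_cve_2025_24014_status() {
    awk '
    /^VIM - Vi IMproved [0-9]+\.[0-9]+/ {
        split($5, v, ".")            # $5 is the release, e.g. "9.1"
        major = v[1] + 0; minor = v[2] + 0; seen = 1
    }
    /^Included patches:/ {
        # Builds may list ranges and single patches: "1-500, 502-1100, 1200"
        sub(/^Included patches:[ \t]*/, "")
        n = split($0, parts, /,[ \t]*/)
        for (i = 1; i <= n; i++) {
            m = split(parts[i], r, "-")
            lo = r[1] + 0
            hi = (m > 1 ? r[2] : r[1]) + 0
            if (lo <= 1043 && 1043 <= hi) has_fix = 1
        }
    }
    END {
        if (!seen) { print "unknown"; exit }
        # Releases after 9.1 are past the fix; 9.1 needs patch 1043 itself.
        if (major > 9 || (major == 9 && minor > 1)) print "patched"
        else if (major == 9 && minor == 1 && has_fix) print "patched"
        else print "vulnerable"
    }'
}

# Constructed sample input. On a real host run:
#   vim --version | vim_cve_2025_24014_status
printf '%s\n' 'VIM - Vi IMproved 9.1 (constructed sample)' \
              'Included patches: 1-1042' | vim_cve_2025_24014_status
```

A build that lists patches with a gap around 1043 is reported as vulnerable, since the check looks for that specific patch number rather than the highest one applied.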
