Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2025:0723-1 moderate: vim heap overflow, memory corruption issues

suse
Calendar Grey February 26, 2025
Dist Suse Esm H88
SUSE releases a patch for nano addressing several vulnerabilities, including stack overflows and potential data leaks.
* bsc#1229685 * bsc#1229822 * bsc#1230078 * bsc#1235695 * bsc#1236151

Summary

## This update for vim fixes the following issues: Update to version 9.1.1101: * CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685). * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822). * CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078). * CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode (bsc#1235695). * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151). * CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like

Topics%20covered

Topics Covered

security advisory moderate update memory corruption heap overflow SUSE vim search command

References

* bsc#1229685

* bsc#1229822

* bsc#1230078

* bsc#1235695

* bsc#1236151

* bsc#1237137

Cross-

* CVE-2024-43790

* CVE-2024-43802

* CVE-2024-45306

* CVE-2025-1215

* CVE-2025-22134

* CVE-2025-24014

CVSS scores:

* CVE-2024-43790 ( SUSE ): 2.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

* CVE-2024-43790 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2024-43802 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-43802 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2024-45306 ( SUSE ): 4.1

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-45306 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Announcement ID: SUSE-SU-2025:0723-1
Release Date: 2025-02-26T13:29:54Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update memory corruption heap overflow SUSE vim search command

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here