Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Linux Enterprise Micro 5 moderate: 2025:0724-1 vim heap overflow

suse
Calendar Grey February 26, 2025
Dist Suse Esm H88
Delve into the SUSE Linux Enterprise Micro 5 edition security patch for vim, tackling various vulnerabilities and improving overall robustness.
* bsc#1229685 * bsc#1229822 * bsc#1230078 * bsc#1235695 * bsc#1236151

Summary

## This update for vim fixes the following issues: Update to version 9.1.1101: * CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685). * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822). * CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078). * CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode (bsc#1235695). * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151). * CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like

Topics%20covered

Topics Covered

security advisory moderate security update software update memory corruption heap overflow SUSE Linux vim memory issues SUSE Linux Enterprise Micro

References

* bsc#1229685

* bsc#1229822

* bsc#1230078

* bsc#1235695

* bsc#1236151

* bsc#1237137

Cross-

* CVE-2024-43790

* CVE-2024-43802

* CVE-2024-45306

* CVE-2025-1215

* CVE-2025-22134

* CVE-2025-24014

CVSS scores:

* CVE-2024-43790 ( SUSE ): 2.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

* CVE-2024-43790 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2024-43802 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-43802 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2024-45306 ( SUSE ): 4.1

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-45306 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Announcement ID: SUSE-SU-2025:0724-1
Release Date: 2025-02-26T13:30:43Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update software update memory corruption heap overflow SUSE Linux vim memory issues SUSE Linux Enterprise Micro

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here