[CLSA-2026:1782826872] vim: Fix of 4 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-30 13:41:33 UTC
Description:
- CVE-2026-55693: bound the trie-descent depth counter against the MAXWLEN-element stack arrays in tree_count_words() to prevent an out-of-bounds write when reading a crafted spell file (src/spellfile.c, upstream vim 9.2.0653) - CVE-2026-55892: bound the trie-descent depth counter in dump_prefixes() to prevent a stack out-of-bounds write with a crafted .spl spell file (src/spell.c, upstream vim 9.2.0662) - CVE-2026-57455: bound the single-byte SOFO result copy in spell_soundfold_sofo() to MAXWLEN-1 to prevent a stack out-of-bounds write when sound-folding long words (src/spell.c, upstream vim 9.2.0698) - CVE-2026-57456: use repr() on reconstructed docstrings in the python3 omni-completion so a hostile buffer cannot break out of the triple-quoted literal and execute arbitrary Python during completion (runtime/autoload/python3complete.vim, upstream vim 9.2.0699)
Updated packages:
  • vim-X11-8.2.2637-22.el9_6.1.tuxcare.els37.x86_64.rpm
    sha:5183c02b2198c4dae4c94d4fbf6d71fdc9c68f962c97c8dc8b0137869c2d4a72
  • vim-common-8.2.2637-22.el9_6.1.tuxcare.els37.x86_64.rpm
    sha:c39bd8e1c8925a2a13137ac22419794e18e2fe808e67c0925ec3046c64bf313a
  • vim-enhanced-8.2.2637-22.el9_6.1.tuxcare.els37.x86_64.rpm
    sha:1dcc486dbf02d2c81cd45e778c7fabb15a79239199df26e9bf96a49a83e8c13e
  • vim-filesystem-8.2.2637-22.el9_6.1.tuxcare.els37.noarch.rpm
    sha:43b74ad42f5521bb4bcaa4f10d74e5f165288c9018e6303639b6547ed198305c
  • vim-minimal-8.2.2637-22.el9_6.1.tuxcare.els37.x86_64.rpm
    sha:caa355a7afd707d1b1fea68b46229f5ead9037b3b49834ebcbdbd1d750c4f184
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.