CVE-2025-1215: vim main.c memory corruption
First published: Wed Feb 12 2025(Updated: )
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vim | <=9.1.1096 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1215?
CVE-2025-1215 is classified as a problematic vulnerability that can lead to memory corruption.
How do I fix CVE-2025-1215?
The recommended fix for CVE-2025-1215 is to upgrade Vim to version 9.1.1097 or later.
What code does CVE-2025-1215 affect?
CVE-2025-1215 affects unknown code in the file src/main.c.
Can CVE-2025-1215 be exploited remotely?
CVE-2025-1215 can only be exploited on the local host.
Which versions of Vim are affected by CVE-2025-1215?
Versions of Vim up to and including 9.1.1096 are affected by CVE-2025-1215.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/last-modified-date
- agent/severity
- agent/source
- agent/tags
- agent/event
- vendor/vim
- canonical/vim