{"id":"AZL-55815","summary":"CVE-2025-24014 affecting package vim for versions less than 9.1.0791-3","details":"Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.","modified":"2026-04-01T05:18:44.397683Z","published":"2025-01-20T23:15:07Z","upstream":["CVE-2025-24014"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24014"}],"affected":[{"package":{"name":"vim","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/vim"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.1.0791-3"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55815.json"}}],"schema_version":"1.7.5"}