1. 漏洞描述

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems.

Security Fix(es):

Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.(CVE-2025-24014)

2. 影响范围

3. 影响组件

4. 修复版本

5. 修复方法

方法一：下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存，如 xxx.rpm
2、通过rpm命令升级，如 rpm -Uvh xxx.rpm

方法二：通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包，如 yum install 包名

6. 下载链接

KY3.4-5A:

x86_64:

     vim-filesystem   

     vim-X11   

     vim-common   

     vim-enhanced   

     vim-minimal   

aarch64:

     vim-filesystem   

     vim-X11   

     vim-common   

     vim-enhanced   

     vim-minimal   

V6:

x86_64:

     vim-filesystem   

     vim-X11   

     vim-common   

     vim-enhanced   

     vim-minimal   

aarch64:

     vim-filesystem   

     vim-X11   

     vim-common   

     vim-enhanced   

     vim-minimal