CLSA-2025-1738170565

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1738170565.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1738170565

Upstream

CVE-2023-2610

CVE-2023-4735

CVE-2023-4750

CVE-2023-4752

CVE-2023-4781

Published

2025-01-29T17:09:33Z

Modified

2026-05-29T01:15:38.815362770Z

Summary

vim: Fix of 5 CVEs

Details

CVE-2023-2610: limit the text length to MAXCOL
CVE-2023-4735: don't overflow buf2, check size in for loop()
CVE-2023-4750: check buffer is valid before accessing it
CVE-2023-4752: validate buffer before accessing it
CVE-2023-4781: disallow exchanging windows when textlock is active
Drop the patch level in version.c to the original one

References

https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2025-1738170565.html

Affected packages