CLSA-2026-1778009078

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1778009078
Upstream
Published
2026-05-06T11:47:52Z
Modified
2026-06-01T00:31:50.395182150Z
Summary
vim: Fix of 5 CVEs
Details
  • CVE-2022-2125: fix out-of-bounds read in getlispindent(); break out of the inner loop on NUL byte (indent.c, upstream patch 8.2.5122)
  • CVE-2021-3974: fix use-after-free in nfaregmatch() when a substitute callback frees the regline during a mark comparison; save col and re-fetch rex.line via reggetline() after getmarkbuf() (regexp.c + regexpnfa.c, upstream patch 8.2.3612)
  • CVE-2022-2206: fix OOB read after terminal resize lowers Rows below cmdlinerow / msgrow; clamp both to Rows - 1 in check_shellsize() (term.c, upstream patch 8.2.5160)
  • CVE-2022-2946: fix use-after-free in dotag() when 'tagfunc' deletes the buffer; make a vimstrsave copy of the tagstack tagname before calling user code (tag.c, upstream patch 9.0.0246)
  • CVE-2022-2286: fix heap-buffer-overflow in the Ctrl-E completion-stop path when the completion leader shrinks below the original text; bounds-check compllen against replacement string length before insbytes_len() (insexpand.c, upstream patch 9.0.0020)
References

Affected packages

TuxCare:AlmaLinux:9.2
vim-X11

Package

Name
vim-X11
Purl
pkg:rpm/tuxcare/vim-X11?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json"
vim-common

Package

Name
vim-common
Purl
pkg:rpm/tuxcare/vim-common?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json"
vim-enhanced

Package

Name
vim-enhanced
Purl
pkg:rpm/tuxcare/vim-enhanced?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json"
vim-filesystem

Package

Name
vim-filesystem
Purl
pkg:rpm/tuxcare/vim-filesystem?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json"
vim-minimal

Package

Name
vim-minimal
Purl
pkg:rpm/tuxcare/vim-minimal?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778009078.json"