CLSA-2026-1778602862

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1778602862
Upstream
Published
2026-05-12T16:21:08Z
Modified
2026-05-27T11:34:44.596876748Z
Summary
vim: Fix of 4 CVEs
Details
  • CVE-2022-2175: fix invalid memory access in cmdlineinsertreg() when using an expression on the command line; save/restore newcmdpos around the expression evaluation (exgetln.c, upstream patch 8.2.5148; hunk 3 context adjusted for 8.2.2637)
  • CVE-2022-3256: fix use-after-free in movemark() when an autocommand changes the mark; make a local copy of the fmark before potentially triggering buffer autocommands (mark.c, upstream patch 9.0.0530)
  • CVE-2022-4292: fix use-after-free in didsetspelllang() when a SpellFileMissing autocommand uses :bwipe to close the current window; also bail out when the window is no longer valid (spell.c, upstream patch 9.0.0882)
  • CVE-2022-3324: fix negative-index buffer access caused by negative window width; clamp nextcurwinsize in winequalrec() and clamp wp->wwidth in winnew_width() (window.c, upstream patch 9.0.0598)
References

Affected packages

TuxCare:AlmaLinux:9.2
vim-X11

Package

Name
vim-X11
Purl
pkg:rpm/tuxcare/vim-X11?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els21

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json"
vim-common

Package

Name
vim-common
Purl
pkg:rpm/tuxcare/vim-common?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els21

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json"
vim-enhanced

Package

Name
vim-enhanced
Purl
pkg:rpm/tuxcare/vim-enhanced?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els21

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json"
vim-filesystem

Package

Name
vim-filesystem
Purl
pkg:rpm/tuxcare/vim-filesystem?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els21

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json"
vim-minimal

Package

Name
vim-minimal
Purl
pkg:rpm/tuxcare/vim-minimal?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:8.2.2637-22.el9_2.1.tuxcare.els21

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778602862.json"