Home / mailings [USN-7748-1] Vim vulnerabilities
Posted on 15 September 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7748-1
September 15, 2025
vim vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in Vim.
Software Description:
- vim: Vi IMproved - enhanced vi editor
Details:
It was discovered that Vim incorrectly handled file extraction when opening
maliciously crafted zip or tar archives. An attacker could possibly use
this issue to create or overwrite files on the system and execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
vim 2:9.1.0967-1ubuntu4.1
Ubuntu 24.04 LTS
vim 2:9.1.0016-1ubuntu7.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7748-1
CVE-2025-53905, CVE-2025-53906
Package Information:
https://launchpad.net/ubuntu/+source/vim/2:9.1.0967-1ubuntu4.1
https://launchpad.net/ubuntu/+source/vim/2:9.1.0016-1ubuntu7.9
--===============2584265530311249428==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
