Vulnerability Description
A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not able to reproduce this. One of the users mentions that this appears not to be working, "when coloring is turned on".
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vim | Vim | 9.1.0000 |
Related Weaknesses (CWE)
References
- https://drive.google.com/file/d/1iFbTpW79vqBPkFjWYzGYIh_E6esPhYVY/view?usp=shariExploit
- https://github.com/vim/vim/issues/17940ExploitIssue TrackingPatch
- https://github.com/vim/vim/issues/17940#issuecomment-3203415781ExploitIssue TrackingPatch
- https://vuldb.com/?ctiid.321222Permissions RequiredVDB Entry
- https://vuldb.com/?id.321222Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.630898ExploitThird Party AdvisoryVDB Entry
- https://github.com/vim/vim/issues/17940ExploitIssue TrackingPatch
- https://github.com/vim/vim/issues/17940#issuecomment-3203415781ExploitIssue TrackingPatch
- https://vuldb.com/?submit.630898ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2025-9389?
CVE-2025-9389 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack ...
How severe is CVE-2025-9389?
CVE-2025-9389 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-9389?
Check the references section above for vendor advisories and patch information. Affected products include: Vim Vim.