ELSA-2026-11510

ULN >
Oracle Linux Errata repository >
ELSA-2026-11510

ELSA-2026-11510 - vim security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-04-29

Description

[8.2.2637-23.0.1.el9_7.3]
- Remove upstream references [Orabug: 31197557]

[2:8.2.2637-23.3]
- Resolves: RHEL-164965 vim: arbitrary command execution via modeline sandbox bypass

[2:8.2.2637-23.2]
- RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
- RHEL-155422 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap file
- RHEL-159629 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function

[2:8.2.2637-23.1]
- RHEL-147940 CVE-2026-25749 vim: Heap Overflow in Vim

Related CVEs

CVE-2026-34982

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_aarch64_appstream
	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_aarch64_baseos_latest
	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_aarch64_u7_baseos_patch
	vim-X11-8.2.2637-23.0.1.el9_7.3.aarch64.rpm	288ba5fa45d3fb24e7adb7c02f329f6d62a27f2c98a6440cb2fe14329dbf25f4	-	ol9_aarch64_appstream
	vim-common-8.2.2637-23.0.1.el9_7.3.aarch64.rpm	40e5d109f689fd275c5f652f0fb20ac31f1ac451941c2b0519636003b5e95b54	-	ol9_aarch64_appstream
	vim-enhanced-8.2.2637-23.0.1.el9_7.3.aarch64.rpm	5a315b0ece21f1726a28a1cc2b39b57a0df6f8020edac4cb51fd7feb74f822fb	-	ol9_aarch64_appstream
	vim-filesystem-8.2.2637-23.0.1.el9_7.3.noarch.rpm	449c370a40703cb8395978224096e6f0e0e01fbf0888481fcc850a065bd0e69f	-	ol9_aarch64_baseos_latest
	vim-filesystem-8.2.2637-23.0.1.el9_7.3.noarch.rpm	449c370a40703cb8395978224096e6f0e0e01fbf0888481fcc850a065bd0e69f	-	ol9_aarch64_u7_baseos_patch
	vim-minimal-8.2.2637-23.0.1.el9_7.3.aarch64.rpm	36efc55bdcca7a97d5273bdf0a85972ee0d58a82e706e6bf063ed0ad04e56b62	-	ol9_aarch64_baseos_latest
	vim-minimal-8.2.2637-23.0.1.el9_7.3.aarch64.rpm	36efc55bdcca7a97d5273bdf0a85972ee0d58a82e706e6bf063ed0ad04e56b62	-	ol9_aarch64_u7_baseos_patch

Oracle Linux 9 (x86_64)	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_x86_64_appstream
	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_x86_64_baseos_latest
	vim-8.2.2637-23.0.1.el9_7.3.src.rpm	551b93f8dd932e85e2900bc26034de1ee1043d5a6e07617fc7d1f8f6ee9b5745	-	ol9_x86_64_u7_baseos_patch
	vim-X11-8.2.2637-23.0.1.el9_7.3.x86_64.rpm	7cfca2b81be825cd4fb468989cab57060720f2029b961d2ce42a08f933dd284e	-	ol9_x86_64_appstream
	vim-common-8.2.2637-23.0.1.el9_7.3.x86_64.rpm	9c986fec43f0aac5afa3c0a4ceaf28f18082db1d82ba01ee71e22740a33419a3	-	ol9_x86_64_appstream
	vim-enhanced-8.2.2637-23.0.1.el9_7.3.x86_64.rpm	b2125250b93bae12b03c5616851de34d319d21b6965da318bb853772db018e82	-	ol9_x86_64_appstream
	vim-filesystem-8.2.2637-23.0.1.el9_7.3.noarch.rpm	449c370a40703cb8395978224096e6f0e0e01fbf0888481fcc850a065bd0e69f	-	ol9_x86_64_baseos_latest
	vim-filesystem-8.2.2637-23.0.1.el9_7.3.noarch.rpm	449c370a40703cb8395978224096e6f0e0e01fbf0888481fcc850a065bd0e69f	-	ol9_x86_64_u7_baseos_patch
	vim-minimal-8.2.2637-23.0.1.el9_7.3.x86_64.rpm	a511aec2fc243f9790dcfc12f70c7a0da8fc5896b3737f3db74ae4c682aa9158	-	ol9_x86_64_baseos_latest
	vim-minimal-8.2.2637-23.0.1.el9_7.3.x86_64.rpm	a511aec2fc243f9790dcfc12f70c7a0da8fc5896b3737f3db74ae4c682aa9158	-	ol9_x86_64_u7_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691