Stay Connected:

ELSA-2026-19224

ELSA-2026-19224 - vim security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-06-12

Description


[2:8.2.2637-26.0.1.el9_8.4]
- Remove upstream references [Orabug: 31197557]

[2:8.2.2637-26.4]
- Resolves: RHEL-164966 vim: arbitrary command execution via modeline sandbox bypass

[2:8.2.2637-26.3]
- Related: RHEL-159630 rebuild to build with exception target

[2:8.2.2637-26.2]
- remove -O0 from flags

[2:8.2.2637-26.1]
- RHEL-159630 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function

[2:8.2.2637-26]
- RHEL-155438 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
- RHEL-155423 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap file

[2:8.2.2637-25]
- RHEL-147941 CVE-2026-25749 vim: Heap Overflow in Vim

[2:8.2.2637-24]
- RHEL-143726 sudo not able to spawn 'vi' command when NOEXEC is used to prevent escaping to shell


Related CVEs


CVE-2026-34982

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_aarch64_appstream
vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_aarch64_baseos_latest
vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_aarch64_u8_baseos_base
vim-X11-8.2.2637-26.0.1.el9_8.4.aarch64.rpm5c4df0354021c868df9fa927ef9c46e1eff21184e1d180a6599f2012d3e0aae5-ol9_aarch64_appstream
vim-common-8.2.2637-26.0.1.el9_8.4.aarch64.rpmd7795b7b9f6e9288e0943310b1265b6dccf78ac9c5ea20e5913ee2f6591a202c-ol9_aarch64_appstream
vim-enhanced-8.2.2637-26.0.1.el9_8.4.aarch64.rpm67dd822cf91ccf88dc3e2553892e00bf65fcb4a888909fb4e91d6cd3ead9e059-ol9_aarch64_appstream
vim-filesystem-8.2.2637-26.0.1.el9_8.4.noarch.rpmb3ec28f429395c738ca1770a3e20baba87653fec65e28236c8dd6bcae0eedb56-ol9_aarch64_baseos_latest
vim-filesystem-8.2.2637-26.0.1.el9_8.4.noarch.rpmb3ec28f429395c738ca1770a3e20baba87653fec65e28236c8dd6bcae0eedb56-ol9_aarch64_u8_baseos_base
vim-minimal-8.2.2637-26.0.1.el9_8.4.aarch64.rpm8642f9c68edea15b50c35a3bf83cdbf0b3fc7950e7afa3e224f5f43f0410d55e-ol9_aarch64_baseos_latest
vim-minimal-8.2.2637-26.0.1.el9_8.4.aarch64.rpm8642f9c68edea15b50c35a3bf83cdbf0b3fc7950e7afa3e224f5f43f0410d55e-ol9_aarch64_u8_baseos_base
Oracle Linux 9 (x86_64) vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_x86_64_appstream
vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_x86_64_baseos_latest
vim-8.2.2637-26.0.1.el9_8.4.src.rpm47f7183e7e760f30255ec34e5dc42f1c94021d41a72d0e0be58130f609f3b03c-ol9_x86_64_u8_baseos_base
vim-X11-8.2.2637-26.0.1.el9_8.4.x86_64.rpm399a0b3cd42fa2e6091dfa94cc30a41d3cb5257d563903cc35491d375d52fb55-ol9_x86_64_appstream
vim-common-8.2.2637-26.0.1.el9_8.4.x86_64.rpmf038485335e69854d5b598a8318e83a7a9fdc35d8b97489243a78f9b0fa59c8f-ol9_x86_64_appstream
vim-enhanced-8.2.2637-26.0.1.el9_8.4.x86_64.rpmb26d520bd6dc7ce749ea5a22d1268959a711d4742112caf2cbbf7e4170997047-ol9_x86_64_appstream
vim-filesystem-8.2.2637-26.0.1.el9_8.4.noarch.rpmb3ec28f429395c738ca1770a3e20baba87653fec65e28236c8dd6bcae0eedb56-ol9_x86_64_baseos_latest
vim-filesystem-8.2.2637-26.0.1.el9_8.4.noarch.rpmb3ec28f429395c738ca1770a3e20baba87653fec65e28236c8dd6bcae0eedb56-ol9_x86_64_u8_baseos_base
vim-minimal-8.2.2637-26.0.1.el9_8.4.x86_64.rpme32e9462617ed39528e29419a5e46e2808a90386a6f9100a7a8b33b41698a7f0-ol9_x86_64_baseos_latest
vim-minimal-8.2.2637-26.0.1.el9_8.4.x86_64.rpme32e9462617ed39528e29419a5e46e2808a90386a6f9100a7a8b33b41698a7f0-ol9_x86_64_u8_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights