Amazon Linux 2023 Security Advisory: ALAS2023-2026-1539
Advisory Released Date: 2026-04-13
Advisory Updated Date: 2026-04-13
Severity:
Medium
Issue Overview:
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue. (CVE-2026-28421)
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue. (CVE-2026-28422)
Affected Packages:
vim
Issue Correction:
Run dnf update vim --releasever 2023.11.20260413 or dnf update --advisory ALAS2023-2026-1539 --releasever 2023.11.20260413 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
New Packages:
aarch64:
vim-enhanced-debuginfo-9.2.240-1.amzn2023.0.1.aarch64
vim-debuginfo-9.2.240-1.amzn2023.0.1.aarch64
xxd-9.2.240-1.amzn2023.0.1.aarch64
vim-minimal-9.2.240-1.amzn2023.0.1.aarch64
vim-enhanced-9.2.240-1.amzn2023.0.1.aarch64
xxd-debuginfo-9.2.240-1.amzn2023.0.1.aarch64
vim-minimal-debuginfo-9.2.240-1.amzn2023.0.1.aarch64
vim-debugsource-9.2.240-1.amzn2023.0.1.aarch64
vim-common-9.2.240-1.amzn2023.0.1.aarch64
noarch:
vim-filesystem-9.2.240-1.amzn2023.0.1.noarch
vim-data-9.2.240-1.amzn2023.0.1.noarch
vim-default-editor-9.2.240-1.amzn2023.0.1.noarch
src:
vim-9.2.240-1.amzn2023.0.1.src
x86_64:
vim-enhanced-debuginfo-9.2.240-1.amzn2023.0.1.x86_64
vim-minimal-debuginfo-9.2.240-1.amzn2023.0.1.x86_64
vim-debuginfo-9.2.240-1.amzn2023.0.1.x86_64
vim-debugsource-9.2.240-1.amzn2023.0.1.x86_64
xxd-debuginfo-9.2.240-1.amzn2023.0.1.x86_64
xxd-9.2.240-1.amzn2023.0.1.x86_64
vim-minimal-9.2.240-1.amzn2023.0.1.x86_64
vim-enhanced-9.2.240-1.amzn2023.0.1.x86_64
vim-common-9.2.240-1.amzn2023.0.1.x86_64