Bug 2380362 (CVE-2025-53905)

Summary: CVE-2025-53905 vim: Vim path traversial
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: adudiak, kshier, omaciel, stcannon, yguenane
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2380380, 2380381    
Bug Blocks:    

Description OSIDB Bzimport 2025-07-15 21:01:43 UTC 
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.
Comment 3 errata-xmlrpc 2025-10-09 07:09:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:17644 https://access.redhat.com/errata/RHSA-2025:17644
Comment 4 errata-xmlrpc 2025-10-09 19:13:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:17715 https://access.redhat.com/errata/RHSA-2025:17715
Comment 5 errata-xmlrpc 2025-10-13 01:59:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:17742 https://access.redhat.com/errata/RHSA-2025:17742
Comment 6 errata-xmlrpc 2025-10-14 05:24:15 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:17913 https://access.redhat.com/errata/RHSA-2025:17913
Comment 10 errata-xmlrpc 2025-11-11 13:53:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:20945 https://access.redhat.com/errata/RHSA-2025:20945
Comment 11 errata-xmlrpc 2025-11-11 19:13:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:21015 https://access.redhat.com/errata/RHSA-2025:21015