Bug 2443474 (CVE-2026-28421)

Summary: CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap file
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: adudiak, amike, dwojewod, gmcnealy, jrichards2, jwright, kshier, kyoshida, naresh.sukhija, stcannon, teagle, timothy.a.meader, yguenane
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in Vim. This vulnerability, a heap-buffer-overflow and a segmentation fault, exists in the swap file recovery logic. A local attacker could exploit this by providing a specially crafted swap file. This could lead to a denial of service (DoS) or potentially information disclosure.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2443491, 2443493, 2443790    
Bug Blocks:    

Description OSIDB Bzimport 2026-02-27 23:02:08 UTC 
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.
Comment 4 errata-xmlrpc 2026-04-02 16:45:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:6502 https://access.redhat.com/errata/RHSA-2026:6502
Comment 5 errata-xmlrpc 2026-04-02 21:47:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:6540 https://access.redhat.com/errata/RHSA-2026:6540
Comment 6 errata-xmlrpc 2026-04-02 22:08:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:6539 https://access.redhat.com/errata/RHSA-2026:6539
Comment 7 errata-xmlrpc 2026-04-06 03:22:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:6619 https://access.redhat.com/errata/RHSA-2026:6619
Comment 8 errata-xmlrpc 2026-04-06 03:29:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:6617 https://access.redhat.com/errata/RHSA-2026:6617
Comment 9 errata-xmlrpc 2026-04-06 03:31:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:6620 https://access.redhat.com/errata/RHSA-2026:6620
Comment 10 errata-xmlrpc 2026-04-07 06:17:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2026:6730 https://access.redhat.com/errata/RHSA-2026:6730
Comment 11 errata-xmlrpc 2026-04-07 06:21:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:6729 https://access.redhat.com/errata/RHSA-2026:6729
Comment 12 errata-xmlrpc 2026-04-07 06:36:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:6731 https://access.redhat.com/errata/RHSA-2026:6731
Comment 13 errata-xmlrpc 2026-04-07 06:58:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:6736 https://access.redhat.com/errata/RHSA-2026:6736
Comment 14 errata-xmlrpc 2026-04-07 22:36:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:6915 https://access.redhat.com/errata/RHSA-2026:6915
Comment 16 errata-xmlrpc 2026-04-13 08:45:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:7711 https://access.redhat.com/errata/RHSA-2026:7711
Comment 17 errata-xmlrpc 2026-04-15 07:20:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:8259 https://access.redhat.com/errata/RHSA-2026:8259
Comment 18 errata-xmlrpc 2026-04-16 10:24:11 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2026:7239 https://access.redhat.com/errata/RHSA-2026:7239
Comment 19 errata-xmlrpc 2026-04-16 10:56:26 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.19

Via RHSA-2026:7243 https://access.redhat.com/errata/RHSA-2026:7243
Comment 20 errata-xmlrpc 2026-04-22 08:27:43 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2026:8423 https://access.redhat.com/errata/RHSA-2026:8423
Comment 24 errata-xmlrpc 2026-04-30 12:10:51 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2026:10097 https://access.redhat.com/errata/RHSA-2026:10097