Nixpkgs Security Tracker

CVE-2024-52616

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

updated 5 months, 1 week ago by @fricklerhandwerk Activity log

Created automatic suggestion 5 months, 1 week ago
@Erethon accepted as draft 5 months, 1 week ago
@Erethon removed package pkgs.avahi 0.8 5 months, 1 week ago
@Erethon dismissed 5 months, 1 week ago
@fricklerhandwerk accepted as draft 5 months, 1 week ago
@fricklerhandwerk removed
5 packages
- pkgs.guile-avahi 0.4.1
- pkgs.avahi-compat 0.8
- pkgs.haskellPackages.avahi 0.2.0
- pkgs.python311Packages.avahi 0.8
- pkgs.python312Packages.avahi 0.8
5 months, 1 week ago

Avahi: avahi wide-area dns predictable transaction ids

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

avahi

<0.9

rhcos

CVE-2024-8612

3.8 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

updated 5 months, 1 week ago by @fricklerhandwerk Activity log

Created automatic suggestion 5 months, 1 week ago
@fricklerhandwerk removed
9 packages
- pkgs.canokey-qemu 0-unstable-2023-06-06
- pkgs.canokey-qemu 2022-06-23
- pkgs.ubootQemuX86 x86_defconfig-2024.04
- pkgs.ubootQemuX86 x86_defconfig-2024.10
- pkgs.ubootQemuAarch64 qemu_arm64_defconfig-2024.04
- pkgs.ubootQemuAarch64 qemu_arm64_defconfig-2024.10
- pkgs.qemu-python-utils 0.6.1.0a1
- pkgs.python311Packages.qemu 0.6.1.0a1
- pkgs.python312Packages.qemu 0.6.1.0a1
5 months, 1 week ago
@fricklerhandwerk accepted as draft 5 months, 1 week ago

Qemu-kvm: information leak in virtio devices

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.

qemu

*

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

pkgs.qemu

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7
nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu_kvm

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7
nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu_full

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7
nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu_test

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7
nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu-utils

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7
nixos-24.11 9.1.1
- nixos-24.11-small 9.1.1
nixos-unstable 9.1.1
- nixos-unstable-small 9.1.1
- nixpkgs-unstable 9.1.1

pkgs.qemu_xen_4_15

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7

pkgs.qemu_xen_4_15-light

A generic and open source machine emulator and virtualizer

nixos-24.05 8.2.7
- nixos-24.05-small 8.2.7

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-24.05 2.10.0
- nixos-24.05-small 2.10.0
nixos-24.11 2.10.0
- nixos-24.11-small 2.10.0
nixos-unstable 2.10.0
- nixos-unstable-small 2.10.0
- nixpkgs-unstable 2.10.0

CVE-2024-48899

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

updated 5 months, 1 week ago by @fricklerhandwerk Activity log

Created automatic suggestion 5 months, 1 week ago
@fricklerhandwerk removed
3 packages
- pkgs.moodle-dl 2.2.2.4
- pkgs.moodle-dl 2.3.12
- pkgs.texlivePackages.moodle 1.0
5 months, 1 week ago
@fricklerhandwerk accepted as draft 5 months, 1 week ago

Moodle: idor when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

moodle

<4.4.4

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-24.05 4.4
- nixos-24.05-small 4.4
nixos-24.11 4.4.3
- nixos-24.11-small 4.4.3
nixos-unstable 4.4.3
- nixos-unstable-small 4.4.4
- nixpkgs-unstable 4.4.3

CVE-2024-10492

updated 5 months, 1 week ago by @fricklerhandwerk Activity log

Created automatic suggestion 5 months, 1 week ago
@ANONYMOUS dismissed 5 months, 1 week ago
@ANONYMOUS marked as untriaged 5 months, 1 week ago
@ANONYMOUS removed
2 packages
- pkgs.python311Packages.python-keycloak 4.0.0
- pkgs.python312Packages.python-keycloak 4.0.0
5 months, 1 week ago
@ANONYMOUS accepted as draft 5 months, 1 week ago
@fricklerhandwerk removed package pkgs.terraform-providers.keycloak 4.4.0 5 months, 1 week ago

Keycloak-quarkus-server: keycloak path trasversal

A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider configuration and set up a Vault read file, which will only inform whether that file exists or not.

keycloak

<26.0.6

rhbk/keycloak-rhel9

*

rhbk/keycloak-rhel9-operator

*

rhbk/keycloak-operator-bundle

*

org.keycloak/keycloak-quarkus-server

pkgs.keycloak

Identity and access management for modern applications and services

nixos-24.11 26.0.6

CVE-2024-9632

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 5 months, 1 week ago by @Erethon Activity log

Created automatic suggestion 5 months, 1 week ago
@Erethon accepted as draft 5 months, 1 week ago
@Erethon removed package pkgs.tigervnc 1.14.0 5 months, 1 week ago

Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

tigervnc

*

xorg-x11-server

*

xorg-x11-server-Xwayland

*

Drafts

pkgs.qemu

pkgs.qemu_kvm

pkgs.qemu_xen

pkgs.qemu-user

pkgs.qemu_full

pkgs.qemu_test

pkgs.qemu-utils

pkgs.qemu_xen_4_15

pkgs.qemu_xen_4_15-light

pkgs.armTrustedFirmwareQemu

pkgs.moodle

pkgs.keycloak