NIXPKGS-2026-0001 published on 11 Jan 2026 CVE-2025-34449 updated 1 week, 4 days ago by @LeSuisse Activity log Created automatic suggestion 1 week, 5 days ago @LeSuisse removed package qtscrcpy 1 week, 5 days ago @LeSuisse accepted as draft 1 week, 5 days ago @LeSuisse published on GitHub 1 week, 4 days ago Genymobile/scrcpy <= 3.3.3 Global Buffer Overflow Genymobile/scrcpy versions up to and including 3.3.3 and prior to commit 3e40b24 contain a global buffer overflow vulnerability in the function sc_read32be, invoked via sc_device_msg_deserialize() and process_msgs(). Processing crafted device messages can cause reads beyond the bounds of a global buffer, leading to memory corruption or crashes. This vulnerability can be exploited to cause a denial of service and, under certain conditions, may be leveraged for further exploitation depending on the execution environment and available mitigations. Affected products scrcpy =<3.3.3 ==commit 3e40b24 Matching in nixpkgs pkgs.scrcpy Display and control Android devices over USB or TCP/IP nixos-unstable 3.3.3 nixpkgs-unstable 3.3.3 nixos-unstable-small 3.3.3 nixos-25.11 3.3.3 nixos-25.11-small 3.3.3 nixpkgs-25.11-darwin 3.3.3 nixos-25.05 3.3 nixos-25.05-small 3.3 nixpkgs-25.05-darwin 3.3 Package maintainers: 4 @Aleksanaa Aleksana QwQ <me@aleksana.moe> @Daru-san Daru <zadarumaka@proton.me> @DeltaEvo Duarte David <deltaduartedavid@gmail.com> @ryand56 Ryan Omasta <git@ryand.ca>
CVE-2025-34449 updated 1 week, 4 days ago by @LeSuisse Activity log Created automatic suggestion 1 week, 5 days ago @LeSuisse removed package qtscrcpy 1 week, 5 days ago @LeSuisse accepted as draft 1 week, 5 days ago @LeSuisse published on GitHub 1 week, 4 days ago Genymobile/scrcpy <= 3.3.3 Global Buffer Overflow Genymobile/scrcpy versions up to and including 3.3.3 and prior to commit 3e40b24 contain a global buffer overflow vulnerability in the function sc_read32be, invoked via sc_device_msg_deserialize() and process_msgs(). Processing crafted device messages can cause reads beyond the bounds of a global buffer, leading to memory corruption or crashes. This vulnerability can be exploited to cause a denial of service and, under certain conditions, may be leveraged for further exploitation depending on the execution environment and available mitigations. Affected products scrcpy =<3.3.3 ==commit 3e40b24 Matching in nixpkgs pkgs.scrcpy Display and control Android devices over USB or TCP/IP nixos-unstable 3.3.3 nixpkgs-unstable 3.3.3 nixos-unstable-small 3.3.3 nixos-25.11 3.3.3 nixos-25.11-small 3.3.3 nixpkgs-25.11-darwin 3.3.3 nixos-25.05 3.3 nixos-25.05-small 3.3 nixpkgs-25.05-darwin 3.3 Package maintainers: 4 @Aleksanaa Aleksana QwQ <me@aleksana.moe> @Daru-san Daru <zadarumaka@proton.me> @DeltaEvo Duarte David <deltaduartedavid@gmail.com> @ryand56 Ryan Omasta <git@ryand.ca>
pkgs.scrcpy Display and control Android devices over USB or TCP/IP nixos-unstable 3.3.3 nixpkgs-unstable 3.3.3 nixos-unstable-small 3.3.3 nixos-25.11 3.3.3 nixos-25.11-small 3.3.3 nixpkgs-25.11-darwin 3.3.3 nixos-25.05 3.3 nixos-25.05-small 3.3 nixpkgs-25.05-darwin 3.3