Nixpkgs security tracker
NIXPKGS-2026-0488
GitHub issue
published 3 months, 4 weeks ago
Permalink
CVE-2026-22717
2.7 LOW
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Changed (C)
- Confidentiality (C): Low (L)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
40 packages
- helio-workstation
- linuxPackages.vmware
- linuxPackages_lqx.vmware
- linuxPackages_zen.vmware
- linuxPackages-libre.vmware
- linuxPackages_latest.vmware
- linuxPackages_xanmod.vmware
- linuxPackages_hardened.vmware
- linuxPackages_6_1_hardened.vmware
- linuxPackages_6_6_hardened.vmware
- linuxPackages_latest-libre.vmware
- linuxPackages_5_10_hardened.vmware
- linuxPackages_5_15_hardened.vmware
- linuxPackages_xanmod_latest.vmware
- linuxPackages_xanmod_stable.vmware
- linuxKernel.packages.linux_5_4.vmware
- linuxKernel.packages.linux_6_1.vmware
- linuxKernel.packages.linux_6_6.vmware
- linuxKernel.packages.linux_ham.vmware
- linuxKernel.packages.linux_lqx.vmware
- linuxKernel.packages.linux_zen.vmware
- linuxKernel.packages.linux_5_15.vmware
- linuxKernel.packages.linux_5_10.vmware
- linuxKernel.packages.linux_latest_libre.vmware
- linuxKernel.packages.linux_6_6_hardened.vmware
- linuxKernel.packages.linux_5_10_hardened.vmware
- linuxKernel.packages.linux_5_15_hardened.vmware
- linuxKernel.packages.linux_6_12_hardened.vmware
- linuxKernel.packages.linux_6_1_hardened.vmware
- linuxKernel.packages.linux_xanmod_latest.vmware
- python314Packages.google-cloud-workstations
- linuxKernel.packages.linux_xanmod_stable.vmware
- python313Packages.google-cloud-workstations
- python312Packages.google-cloud-workstations
- linuxKernel.packages.linux_hardened.vmware
- linuxKernel.packages.linux_xanmod.vmware
- linuxKernel.packages.linux_libre.vmware
- linuxKernel.packages.linux_6_19.vmware
- linuxKernel.packages.linux_6_18.vmware
- linuxKernel.packages.linux_6_12.vmware
- @LeSuisse accepted
- @LeSuisse published on GitHub
VMware Workstation out-of-bound read vulnerability
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.
Affected products
Workstation
- <25H1U1
Matching in nixpkgs
pkgs.vmware-workstation
Industry standard desktop hypervisor for x86-64 architecture
Ignored packages (40)
pkgs.helio-workstation
One music sequencer for all major platforms, both desktop and mobile
pkgs.linuxPackages.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
pkgs.linuxPackages_lqx.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.12
- nixpkgs-unstable 17.6.3-20250728-6.18.12
- nixos-unstable-small 17.6.3-20250728-6.18.12
pkgs.linuxPackages_zen.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.9
- nixpkgs-unstable 17.6.3-20250728-6.18.9
- nixos-unstable-small 17.6.3-20250728-6.18.9
pkgs.linuxPackages-libre.vmware
None
pkgs.linuxPackages_latest.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.19.3
- nixpkgs-unstable 17.6.3-20250728-6.19.3
- nixos-unstable-small 17.6.3-20250728-6.19.3
pkgs.linuxPackages_xanmod.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.12.74
- nixpkgs-unstable 17.6.3-20250728-6.12.74
- nixos-unstable-small 17.6.3-20250728-6.12.74
pkgs.linuxPackages_hardened.vmware
None
pkgs.linuxPackages_6_1_hardened.vmware
None
pkgs.linuxPackages_6_6_hardened.vmware
None
pkgs.linuxPackages_latest-libre.vmware
None
pkgs.linuxPackages_5_10_hardened.vmware
None
pkgs.linuxPackages_5_15_hardened.vmware
None
pkgs.linuxPackages_xanmod_latest.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
pkgs.linuxPackages_xanmod_stable.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
pkgs.linuxKernel.packages.linux_5_4.vmware
None
pkgs.linuxKernel.packages.linux_6_1.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.1.164
- nixpkgs-unstable 17.6.3-20250728-6.1.164
- nixos-unstable-small 17.6.3-20250728-6.1.164
pkgs.linuxKernel.packages.linux_6_6.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.6.127
- nixpkgs-unstable 17.6.3-20250728-6.6.127
- nixos-unstable-small 17.6.3-20250728-6.6.127
pkgs.linuxKernel.packages.linux_ham.vmware
None
pkgs.linuxKernel.packages.linux_lqx.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.12
- nixpkgs-unstable 17.6.3-20250728-6.18.12
- nixos-unstable-small 17.6.3-20250728-6.18.12
pkgs.linuxKernel.packages.linux_zen.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.9
- nixpkgs-unstable 17.6.3-20250728-6.18.9
- nixos-unstable-small 17.6.3-20250728-6.18.9
pkgs.linuxKernel.packages.linux_5_10.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-5.10.251
- nixpkgs-unstable 17.6.3-20250728-5.10.251
- nixos-unstable-small 17.6.3-20250728-5.10.251
pkgs.linuxKernel.packages.linux_5_15.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-5.15.201
- nixpkgs-unstable 17.6.3-20250728-5.15.201
- nixos-unstable-small 17.6.3-20250728-5.15.201
pkgs.linuxKernel.packages.linux_6_12.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.12.74
- nixpkgs-unstable 17.6.3-20250728-6.12.74
- nixos-unstable-small 17.6.3-20250728-6.12.74
pkgs.linuxKernel.packages.linux_6_18.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
pkgs.linuxKernel.packages.linux_6_19.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.19.3
- nixpkgs-unstable 17.6.3-20250728-6.19.3
- nixos-unstable-small 17.6.3-20250728-6.19.3
pkgs.linuxKernel.packages.linux_libre.vmware
None
pkgs.linuxKernel.packages.linux_xanmod.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.12.74
- nixpkgs-unstable 17.6.3-20250728-6.12.74
- nixos-unstable-small 17.6.3-20250728-6.12.74
pkgs.linuxKernel.packages.linux_hardened.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.12.69
- nixpkgs-unstable 17.6.3-20250728-6.12.69
- nixos-unstable-small 17.6.3-20250728-6.12.69
pkgs.python313Packages.google-cloud-workstations
Python Client for Cloud Workstations
pkgs.python314Packages.google-cloud-workstations
Python Client for Cloud Workstations
pkgs.linuxKernel.packages.linux_6_12_hardened.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.12.69
- nixpkgs-unstable 17.6.3-20250728-6.12.69
- nixos-unstable-small 17.6.3-20250728-6.12.69
pkgs.linuxKernel.packages.linux_xanmod_latest.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
pkgs.linuxKernel.packages.linux_xanmod_stable.vmware
Kernel modules needed for VMware hypervisor
-
nixos-unstable 17.6.3-20250728-6.18.13
- nixpkgs-unstable 17.6.3-20250728-6.18.13
- nixos-unstable-small 17.6.3-20250728-6.18.13
Package maintainers
-
@deinferno deinferno
-
@vifino Adrian Pistol <vifino@tty.sh>
-
@cawilliamson Christopher A. Williamson <home@chrisaw.com>