Nixpkgs security tracker

Login with GitHub

Details of issue NIXPKGS-2026-0492

NIXPKGS-2026-0492
published 3 months, 4 weeks ago
Permalink CVE-2026-28372
7.4 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 3 months, 4 weeks ago by @anthonyroussel Activity log
  • Created suggestion 3 months, 4 weeks ago
  • @anthonyroussel accepted 3 months, 4 weeks ago
  • @anthonyroussel published on GitHub 3 months, 4 weeks ago
telnetd in GNU inetutils through 2.7 allows privilege escalation that …

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

Affected products

inetutils
  • =<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

  • nixos-unstable 2.7
    • nixpkgs-unstable 2.7
    • nixos-unstable-small 2.7 
Upstream advisory: https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html
Upstream patch: https://cgit.git.savannah.gnu.org/cgit/inetutils.git/commit/?id=4db2f19f4caac03c7f4da6363c140bd70df31386