Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2024-6563
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Buffer Overflow Arbitrary Write

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.

Affected products

arm-trusted-firmware
  • =<c9fb3558410032d2660c7f3b7d4b87dec09fe2f2

Matching in nixpkgs

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareS905

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareTools

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3328

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3399

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3568

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3588

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinner

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH6

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH616

Reference implementation of secure world software for ARMv8-A

Package maintainers: 1

CVE-2024-6409
7.0 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 3 months ago
Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9

A signal handler race condition vulnerability was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). This issue leaves it vulnerable to a signal handler race condition on the cleanup_exit() function, which introduces the same vulnerability as CVE-2024-6387 in the unprivileged child of the SSHD server.

Affected products

rhcos
  • *
OpenSSH
openssh
  • *

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

pkgs.opensshTest

Implementation of the SSH protocol

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

pkgs.opensshWithKerberos

Implementation of the SSH protocol

pkgs.openssh_hpnWithKerberos

Implementation of the SSH protocol with high performance networking patches

pkgs.lxqt.lxqt-openssh-askpass

GUI to query passwords on behalf of SSH agents

Package maintainers: 7

CVE-2023-47663
4.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
CISA ADP Vulnrichment

None

Affected products

foyer
  • =<1.7.5

Matching in nixpkgs

pkgs.python312Packages.ghome-foyer-api

Generated Python protobuf stubs for Google Home internal API

pkgs.python313Packages.ghome-foyer-api

Generated Python protobuf stubs for Google Home internal API

Package maintainers: 1

CVE-2024-6126
3.2 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 3 months ago
Cockpit: authenticated user can kill any process when enabling pam_env's user_readenv option

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.

Affected products

cockpit
  • *

Matching in nixpkgs

pkgs.cockpit

Web-based graphical interface for servers

Package maintainers: 1

CVE-2024-6387
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Openssh: possible remote code execution due to a race condition in signal handling

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

Affected products

rhcos
  • *
OpenSSH
  • =<9.7p1
openssh
  • *
rhceph-6-rhel9

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

pkgs.opensshTest

Implementation of the SSH protocol

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

pkgs.opensshWithKerberos

Implementation of the SSH protocol

pkgs.openssh_hpnWithKerberos

Implementation of the SSH protocol with high performance networking patches

pkgs.lxqt.lxqt-openssh-askpass

GUI to query passwords on behalf of SSH agents

Package maintainers: 7

CVE-2024-37248
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Anima theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Anima allows Stored XSS.This issue affects Anima: from n/a through 1.4.1.

Affected products

anima
  • =<1.4.1

Matching in nixpkgs

pkgs.animatch

Cute match three game for the Librem 5 smartphone

pkgs.gpx-animator

GPX track to video animator

pkgs.gnomeExtensions.disable-workspace-animation

GNOME Shell 45+ extension that disables the workspace animation when switching between workspaces

pkgs.gnomeExtensions.disable-workspace-switch-animation-for-gnome-40

Disables the workspace switch animation while preserving all other animations - instantly switch between workspaces with keyboard shortcuts.

Package maintainers: 3

CVE-2024-6287
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Incorrect Address Range Calculations

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite an already loaded image partly or completely, which could result in code execution and bypass of secure boot.

Affected products

arm-trusted-firmware
  • <954d488a9798f8fda675c6b57c571b469b298f04

Matching in nixpkgs

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareS905

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareTools

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3328

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3399

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3568

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3588

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinner

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH6

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH616

Reference implementation of secure world software for ARMv8-A

Package maintainers: 1

CVE-2024-6285
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Integer Underflow in Memory Range Check in Renesas RCAR

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.

Affected products

arm-trusted-firmware
  • <b596f580637bae919b0ac3a5471422a1f756db3b

Matching in nixpkgs

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareS905

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareTools

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3328

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3399

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3568

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareRK3588

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinner

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH6

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareAllwinnerH616

Reference implementation of secure world software for ARMv8-A

Package maintainers: 1

CVE-2024-6239
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 months ago
Poppler: pdfinfo: crash in broken documents when using -dests parameter

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

Affected products

poppler
  • =<24.06.1
  • *
compat-poppler022
gimp:flatpak/poppler
  • *
inkscape:flatpak/poppler
  • *
libreoffice:flatpak/poppler
  • *

Matching in nixpkgs

pkgs.poppler

PDF rendering library

pkgs.poppler_gi

PDF rendering library

pkgs.poppler_min

PDF rendering library

pkgs.poppler_data

Encoding files for Poppler, a PDF rendering library

pkgs.poppler_utils

PDF rendering library

pkgs.libsForQt5.poppler

PDF rendering library

pkgs.kdePackages.poppler

PDF rendering library

pkgs.qt6Packages.poppler

PDF rendering library

pkgs.plasma5Packages.poppler

PDF rendering library

pkgs.haskellPackages.gi-poppler

Poppler bindings

pkgs.python312Packages.python-poppler

Python binding to poppler-cpp

pkgs.python313Packages.python-poppler

Python binding to poppler-cpp

pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib

Test whether poppler-glib-25.07.0 exposes pkg-config modules poppler-glib

  • nixos-unstable ???
    • nixpkgs-unstable

Package maintainers: 3

CVE-2024-35758
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Interface theme <= 3.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Horse Interface allows Stored XSS.This issue affects Interface: from n/a through 3.1.0.

Affected products

interface
  • =<3.1.0

Matching in nixpkgs

pkgs.aws-lambda-rie

Locally test Lambda functions packaged as container images

pkgs.fusee-interfacee-tk

Tool to send .bin files to a Nintendo Switch in RCM mode

pkgs.akkuPackages.arvyy-interface

Interface abstraction for a set of functions

pkgs.kdePackages.kontactinterface

Support libraries to assist integration with Kontact

pkgs.nagiosPlugins.check_interfaces

Icinga check plugin for network hardware interfaces

pkgs.python312Packages.interface-meta

Convenient way to expose an extensible API with enforced method signatures and consistent documentation

pkgs.python312Packages.zope-interface

Zope.Interface

pkgs.python313Packages.interface-meta

Convenient way to expose an extensible API with enforced method signatures and consistent documentation

pkgs.python313Packages.zope-interface

Zope.Interface

pkgs.haskellPackages.hack2-interface-wai

Hack2 interface to WAI

pkgs.chickenPackages_5.chickenEggs.interfaces

Simple interface/implementation abstraction

pkgs.python312Packages.dbt-semantic-interfaces

Shared interfaces used by dbt-core and MetricFlow projects

pkgs.python313Packages.dbt-semantic-interfaces

Shared interfaces used by dbt-core and MetricFlow projects

pkgs.python312Packages.pinecone-plugin-interface

Plugin interface for the Pinecone python client

pkgs.python313Packages.pinecone-plugin-interface

Plugin interface for the Pinecone python client

pkgs.gnomeExtensions.input-source-d-bus-interface

Add D-Bus interface for changing input sources via command

pkgs.python312Packages.snakemake-interface-common

Common functions and classes for Snakemake and its plugins

pkgs.python313Packages.snakemake-interface-common

Common functions and classes for Snakemake and its plugins

pkgs.tree-sitter-grammars.tree-sitter-ocaml-interface

pkgs.python312Packages.netbox-interface-synchronization

Netbox plugin to compare and synchronize interfaces between devices and device types

pkgs.python313Packages.netbox-interface-synchronization

Netbox plugin to compare and synchronize interfaces between devices and device types

pkgs.vimPlugins.nvim-treesitter-parsers.ocaml_interface

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.python312Packages.snakemake-interface-logger-plugins

Stable interface for interactions between Snakemake and its logger plugins

pkgs.python312Packages.snakemake-interface-report-plugins

Interface for Snakemake report plugins

pkgs.python313Packages.snakemake-interface-logger-plugins

Stable interface for interactions between Snakemake and its logger plugins

pkgs.python313Packages.snakemake-interface-report-plugins

Interface for Snakemake report plugins

pkgs.python312Packages.snakemake-interface-storage-plugins

This package provides a stable interface for interactions between Snakemake and its storage plugins

pkgs.python313Packages.snakemake-interface-storage-plugins

This package provides a stable interface for interactions between Snakemake and its storage plugins

pkgs.python312Packages.snakemake-interface-executor-plugins

This package provides a stable interface for interactions between Snakemake and its executor plugins

pkgs.python313Packages.snakemake-interface-executor-plugins

This package provides a stable interface for interactions between Snakemake and its executor plugins

pkgs.python312Packages.tree-sitter-grammars.tree-sitter-ocaml-interface

Python bindings for tree-sitter-ocaml-interface

pkgs.python313Packages.tree-sitter-grammars.tree-sitter-ocaml-interface

Python bindings for tree-sitter-ocaml-interface

Package maintainers: 22