NIXPKGS-2026-0064

GitHub issue published 5 months ago

Permalink CVE-2026-1144

6.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): Low (L)
Exploit Code Maturity (E): Proof-of-Concept (P)
Remediation Level (RL): Official Fix (O)
Report Confidence (RC): Confirmed (C)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): Low (L)

updated 5 months ago by @LeSuisse Activity log

Created suggestion 5 months ago
@LeSuisse ignored
4 packages
- python312Packages.quickjs
- python313Packages.quickjs
- python312Packages.llm-tools-quickjs
- python313Packages.llm-tools-quickjs
5 months ago
@LeSuisse accepted 5 months ago
@LeSuisse published on GitHub 5 months ago

quickjs-ng quickjs Atomics Ops quickjs.c use after free

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141. Applying a patch is advised to resolve this issue.

References

VDB-341737 | quickjs-ng quickjs Atomics Ops quickjs.c use after free vdb-entry
VDB-341737 | CTI Indicators (IOB, IOC, IOA) permissions-requiredsignature
Submit #735537 | quickjs-ng quickjs v0.11.0 Use After Free third-party-advisory
Submit #735538 | quickjs-ng quickjs v0.11.0 Use After Free (Duplicate) third-party-advisory
https://github.com/quickjs-ng/quickjs/issues/1301 issue-tracking
https://github.com/quickjs-ng/quickjs/pull/1303 issue-tracking
https://github.com/quickjs-ng/quickjs/issues/1302 issue-trackingexploit
https://github.com/quickjs-ng/quickjs/commit/ea3e9d77454e8fc9cb3ef3c504e9c16af5… patch

Affected products

quickjs

==0.9
==0.10
==0.11.0
==0.1
==0.4
==0.3
==0.6
==0.7
==0.5
==0.8
==0.2

Matching in nixpkgs

pkgs.quickjs

Small and embeddable Javascript engine

nixos-unstable 2025-09-13-2
- nixpkgs-unstable 2025-09-13-2
- nixos-unstable-small 2025-09-13-2

pkgs.quickjs-ng

Mighty JavaScript engine

nixos-unstable 0.11.0
- nixpkgs-unstable 0.11.0
- nixos-unstable-small 0.11.0

Ignored packages (4)

pkgs.python312Packages.quickjs

Python wrapper around the quickjs C library

nixos-unstable 1.19.4
- nixpkgs-unstable 1.19.4
- nixos-unstable-small 1.19.4

pkgs.python313Packages.quickjs

Python wrapper around the quickjs C library

nixos-unstable 1.19.4
- nixpkgs-unstable 1.19.4
- nixos-unstable-small 1.19.4

pkgs.python312Packages.llm-tools-quickjs

JavaScript execution as a tool for LLM

nixos-unstable 0.1
- nixpkgs-unstable 0.1
- nixos-unstable-small 0.1

pkgs.python313Packages.llm-tools-quickjs