NIXPKGS-2026-0075

GitHub issue published on 21 Jan 2026

Permalink CVE-2024-36600

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed package libcdio-paranoia 1 month ago
@LeSuisse accepted 1 month ago
@LeSuisse published on GitHub 1 month ago

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to …

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.

Affected products

n/a

==n/a

libcdio

==2.1.0

Matching in nixpkgs

pkgs.libcdio

Library for OS-independent CD-ROM and CD image access

nixos-unstable 2.2.0
- nixpkgs-unstable 2.2.0
- nixos-unstable-small 2.2.0

Upstream fix: https://github.com/libcdio/libcdio/commit/417478a7474af41c27ab3f876f31783fa06a5dbc
Fixed in 2.3.0: https://github.com/libcdio/libcdio/releases/tag/2.3.0

Nixpkgs Security Tracker

Details of issue NIXPKGS-2026-0075

Affected products

Matching in nixpkgs

pkgs.libcdio