Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2026-24881

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months ago

In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message …

In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution.

References

Affected products

GnuPG

<2.5.17

Matching in nixpkgs

pkgs.gnupg24

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8

pkgs.pam_gnupg

Unlock GnuPG keys on login

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4

pkgs.gnupg1compat

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8

pkgs.gnupg-pkcs11-scd

Smart-card daemon to enable the use of PKCS#11 tokens with GnuPG

nixos-unstable pkcs11-scd-0.11.0
- nixpkgs-unstable pkcs11-scd-0.11.0
- nixos-unstable-small pkcs11-scd-0.11.0

pkgs.phpExtensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php81Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

pkgs.php82Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php83Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php84Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4

pkgs.sequoia-chameleon-gnupg

Sequoia's reimplementation of the GnuPG interface

nixos-unstable 0.13.1
- nixpkgs-unstable 0.13.1
- nixos-unstable-small 0.13.1

pkgs.perlPackages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.perl538Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.perl540Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.python312Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5

pkgs.python313Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5

Package maintainers

@stigtsp Stig Palmquist <stig@stig.io>
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@philandstuff Philip Potter <philip.g.potter@gmail.com>
@matthiasbeyer Matthias Beyer <mail@beyermatthias.de>
@mtreca Maxime Tréca <maxime.treca@gmail.com>
@aanderse Aaron Andersen <aaron@fosslib.net>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
@taikx4 taikx4 <taikx4@taikx4szlaj2rsdupcwabg35inbny4jk322ngeb7qwbbhd5i55nf5yyd.onion>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@NickCao Nick Cao <nickcao@nichi.co>