Nixpkgs security tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2026-24882

8.4 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 3 months, 2 weeks ago Activity log

Created suggestion 3 months, 2 weeks ago

In GnuPG before 2.5.17, a stack-based buffer overflow exists in …

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.

References

Affected products

GnuPG

<2.5.17

Matching in nixpkgs

pkgs.gnupg24

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8

pkgs.pam_gnupg

Unlock GnuPG keys on login

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4

pkgs.gnupg1compat

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8

pkgs.gnupg-pkcs11-scd

Smart-card daemon to enable the use of PKCS#11 tokens with GnuPG

nixos-unstable pkcs11-scd-0.11.0
- nixpkgs-unstable pkcs11-scd-0.11.0
- nixos-unstable-small pkcs11-scd-0.11.0

pkgs.phpExtensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php81Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

pkgs.php82Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php83Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4

pkgs.php84Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4

pkgs.sequoia-chameleon-gnupg

Sequoia's reimplementation of the GnuPG interface

nixos-unstable 0.13.1
- nixpkgs-unstable 0.13.1
- nixos-unstable-small 0.13.1

pkgs.perlPackages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.perl538Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.perl540Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.python312Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5

pkgs.python313Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5

Package maintainers

@stigtsp Stig Palmquist <stig@stig.io>
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@matthiasbeyer Matthias Beyer <mail@beyermatthias.de>
@philandstuff Philip Potter <philip.g.potter@gmail.com>
@mtreca Maxime Tréca <maxime.treca@gmail.com>
@taikx4 taikx4 <taikx4@taikx4szlaj2rsdupcwabg35inbny4jk322ngeb7qwbbhd5i55nf5yyd.onion>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@aanderse Aaron Andersen <aaron@fosslib.net>
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@NickCao Nick Cao <nickcao@nichi.co>