NIXPKGS-2026-0137
GitHub issue
published on 7 Feb 2026 by @jopejoe1
Activity log
- Created automatic suggestion
- @jopejoe1 removed 2 packages
  - rizinPlugins.sigdb
  - cutterPlugins.sigdb
- @jopejoe1 accepted
- @jopejoe1 removed maintainer @chayleaf
- @jopejoe1 published on GitHub
Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2.
Affected products
rizin
- ==< 0.8.2
Matching in nixpkgs
Ignored packages (2)
pkgs.rizinPlugins.sigdb
Rizin FLIRT Signature Database
- nixos-unstable 2023-08-23
  - nixpkgs-unstable 2023-08-23
  - nixos-unstable-small 2023-08-23
- nixos-25.11 -
  - nixos-25.11-small 2023-08-23
  - nixpkgs-25.11-darwin 2023-08-23
- nixos-25.05 2023-08-23
  - nixos-25.05-small 2023-08-23
  - nixpkgs-25.05-darwin 2023-08-23
pkgs.cutterPlugins.sigdb
Rizin FLIRT Signature Database
- nixos-unstable 2023-08-23
  - nixpkgs-unstable 2023-08-23
  - nixos-unstable-small 2023-08-23
- nixos-25.11 -
  - nixos-25.11-small 2023-08-23
  - nixpkgs-25.11-darwin 2023-08-23
- nixos-25.05 2023-08-23
  - nixos-25.05-small 2023-08-23
  - nixpkgs-25.05-darwin 2023-08-23
Package maintainers
- @Mic92 Jörg Thalheim <joerg@thalheim.io>
- @7c6f434c Michael Raskin <7c6f434c@mail.ru>
- @makefu Felix Richter <makefu@syntax-fehler.de>
Ignored maintainers (1)
- @chayleaf Anna Pavlyuk <chayleaf-nix@pavluk.org>