Nixpkgs security tracker

Login with GitHub

Details of issue NIXPKGS-2026-1206

NIXPKGS-2026-1206
published on
Permalink CVE-2026-5450
updated 1 week ago by @LeSuisse Activity log
  • Created suggestion 1 week, 1 day ago
  • @LeSuisse ignored
    28 packages
    • libc
    • iconv
    • getent
    • locale
    • mtrace
    • getconf
    • libiconv
    • glibcInfo
    • glibc_multi
    • glibcLocales
    • glibc_memusage
    • glibcLocalesUtf8
    • unixtools.getent
    • unixtools.locale
    • unixtools.getconf
    • minimal-bootstrap.glibc
    • tests.hardeningFlags.glibcxxassertionsStdenvUnsupp
    • tests.hardeningFlags.glibcxxassertionsExplicitEnabled
    • tests.hardeningFlags-gcc.glibcxxassertionsStdenvUnsupp
    • tests.hardeningFlags.glibcxxassertionsExplicitDisabled
    • tests.hardeningFlags-clang.glibcxxassertionsStdenvUnsupp
    • tests.hardeningFlags-gcc.glibcxxassertionsExplicitEnabled
    • tests.hardeningFlags.allExplicitDisabledGlibcxxAssertions
    • tests.hardeningFlags-gcc.glibcxxassertionsExplicitDisabled
    • tests.hardeningFlags-clang.glibcxxassertionsExplicitEnabled
    • tests.hardeningFlags-clang.glibcxxassertionsExplicitDisabled
    • tests.hardeningFlags-gcc.allExplicitDisabledGlibcxxAssertions
    • tests.hardeningFlags-clang.allExplicitDisabledGlibcxxAssertions
    1 week ago
  • @LeSuisse accepted 1 week ago
  • @LeSuisse published on GitHub 1 week ago
scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.

Affected products

glibc
  • *

Matching in nixpkgs

Ignored packages (28)

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

Package maintainers

https://www.openwall.com/lists/oss-security/2026/04/20/9