Nixpkgs security tracker

Untriaged

Permalink CVE-2026-42488

8.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 day, 12 hours ago Activity log

Created suggestion 1 day, 12 hours ago

x86: mismatched mapcache metadata

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache.

References

Affected products

Xen

==consult Xen advisory XSA-494

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

nixos-unstable 4.20.3
- nixpkgs-unstable 4.20.3
- nixos-unstable-small 4.20.3
nixos-26.05 4.20.3
- nixos-26.05-small 4.20.3
- nixpkgs-26.05-darwin 4.20.3

pkgs.xenon

Monitoring tool based on radon

nixos-unstable 0.9.3
- nixpkgs-unstable 0.9.3
- nixos-unstable-small 0.9.3
nixos-26.05 0.9.3
- nixos-26.05-small 0.9.3
- nixpkgs-26.05-darwin 0.9.3

pkgs.hhexen

None

nixos-unstable 1.6.4
- nixos-unstable-small 1.6.4
nixos-26.05 1.6.4
- nixos-26.05-small 1.6.4
- nixpkgs-26.05-darwin 1.6.4

pkgs.lexend

None

nixos-unstable 0.pre+date=2022-09-22
- nixos-unstable-small 0.pre+date=2022-09-22
nixos-26.05 0.pre+date=2022-09-22
- nixos-26.05-small 0.pre+date=2022-09-22
- nixpkgs-26.05-darwin 0.pre+date=2022-09-22

pkgs.uhexen2

Cross-platform port of Hexen II game

nixos-unstable 1.5.9
- nixpkgs-unstable 1.5.9
- nixos-unstable-small 1.5.9
nixos-26.05 1.5.9
- nixos-26.05-small 1.5.9
- nixpkgs-26.05-darwin 1.5.9

pkgs.OVMF-xen

Sample UEFI firmware for Xen guests

nixos-unstable 202602
- nixpkgs-unstable 202602
- nixos-unstable-small 202602
nixos-26.05 202602
- nixos-26.05-small 202602
- nixpkgs-26.05-darwin 202602

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.2
- nixpkgs-unstable 11.0.0
- nixos-unstable-small 11.0.0
nixos-26.05 10.2.2
- nixos-26.05-small 10.2.2
- nixpkgs-26.05-darwin 10.2.2

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

nixos-unstable 1.0.2
- nixpkgs-unstable 1.0.2
- nixos-unstable-small 1.0.2
nixos-26.05 1.0.2
- nixos-26.05-small 1.0.2
- nixpkgs-26.05-darwin 1.0.2

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

nixos-unstable 2.6.5-1
- nixpkgs-unstable 2.6.5-1
- nixos-unstable-small 2.6.5-1
nixos-26.05 2.6.5-1
- nixos-26.05-small 2.6.5-1
- nixpkgs-26.05-darwin 2.6.5-1

pkgs.xenia-canary

Xbox 360 Emulator Research Project

nixos-unstable 0-unstable-2026-05-03
- nixpkgs-unstable 0-unstable-2026-06-05
- nixos-unstable-small 0-unstable-2026-06-05
nixos-26.05 0-unstable-2026-05-03
- nixos-26.05-small 0-unstable-2026-05-03
- nixpkgs-26.05-darwin 0-unstable-2026-05-03

pkgs.xen-guest-agent

Xen agent running in Linux/BSDs (POSIX) VMs

nixos-unstable 0.4.0-unstable-2024-05-31
- nixpkgs-unstable 0.4.0-unstable-2024-05-31
- nixos-unstable-small 0.4.0-unstable-2024-05-31
nixos-26.05 0.4.0-unstable-2024-05-31
- nixos-26.05-small 0.4.0-unstable-2024-05-31
- nixpkgs-26.05-darwin 0.4.0-unstable-2024-05-31

pkgs.libretro.nxengine

None

nixos-unstable 0-unstable-2026-04-09
- nixos-unstable-small 0-unstable-2026-04-09
nixos-26.05 0-unstable-2026-04-09
- nixos-26.05-small 0-unstable-2026-04-09
- nixpkgs-26.05-darwin 0-unstable-2026-04-09

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-26.05 -
- nixos-26.05-small
- nixpkgs-26.05-darwin

pkgs.grub2_pvhgrub_image

None

nixos-unstable -
- nixos-unstable-small
nixos-26.05 -
- nixos-26.05-small
- nixpkgs-26.05-darwin

pkgs.hunspellDicts.eu-es

None

nixos-unstable 5-2015.11.10
- nixos-unstable-small 5-2015.11.10
nixos-26.05 5-2015.11.10
- nixos-26.05-small 5-2015.11.10
- nixpkgs-26.05-darwin 5-2015.11.10

pkgs.hunspellDicts.eu_ES

Basque (Xuxen 5)

nixos-unstable 5-2015.11.10
- nixpkgs-unstable 5-2015.11.10
- nixos-unstable-small 5-2015.11.10
nixos-26.05 5-2015.11.10
- nixos-26.05-small 5-2015.11.10
- nixpkgs-26.05-darwin 5-2015.11.10

pkgs.haskellPackages.xeno

None

nixos-unstable 0.6
- nixos-unstable-small 0.6
nixos-26.05 0.6
- nixos-26.05-small 0.6
- nixpkgs-26.05-darwin 0.6

pkgs.python313Packages.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

nixos-unstable 4.20.3
- nixpkgs-unstable 4.20.3
- nixos-unstable-small 4.20.3
nixos-26.05 4.20.3
- nixos-26.05-small 4.20.3
- nixpkgs-26.05-darwin 4.20.3

pkgs.python314Packages.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

nixos-unstable 4.20.3
- nixpkgs-unstable 4.20.3
- nixos-unstable-small 4.20.3
nixos-26.05 4.20.3
- nixos-26.05-small 4.20.3
- nixpkgs-26.05-darwin 4.20.3

pkgs.ocamlPackages.xenstore

Xenstore protocol in pure OCaml

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-26.05 2.3.0
- nixos-26.05-small 2.3.0
- nixpkgs-26.05-darwin 2.3.0

pkgs.ocamlPackages.mirage-xen

Xen core platform libraries for MirageOS

nixos-unstable 8.0.1
- nixpkgs-unstable 8.0.1
- nixos-unstable-small 8.0.1
nixos-26.05 8.0.1
- nixos-26.05-small 8.0.1
- nixpkgs-26.05-darwin 8.0.1

pkgs.haskellPackages.xenomorph

None

nixos-unstable 0.0.1.0
- nixpkgs-unstable 0.0.1.0
- nixos-unstable-small 0.0.1.0
nixos-26.05 0.0.1.0
- nixos-26.05-small 0.0.1.0
- nixpkgs-26.05-darwin 0.0.1.0