Nixpkgs security tracker

Login with GitHub

Suggestions search

Untriaged

Filter by:

With package: bdftopcf

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-1739

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): Low (L)
Exploit Code Maturity (E): Proof-of-Concept (P)
Remediation Level (RL): Official Fix (O)
Report Confidence (RC): Confirmed (C)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

created 3 months, 3 weeks ago Activity log

Created suggestion 3 months, 3 weeks ago

Free5GC pcf smpolicy.go HandleCreateSmPolicyRequest null pointer dereference

A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is df535f5524314620715e842baf9723efbeb481a7. Applying a patch is the recommended action to fix this issue.

References

VDB-343638 | Free5GC pcf smpolicy.go HandleCreateSmPolicyRequest null pointer dereference vdb-entrytechnical-description
VDB-343638 | CTI Indicators (IOB, IOC, IOA) signaturepermissions-required
Submit #741194 | free5gc PCF v4.1.0 Denial of Service third-party-advisory
https://github.com/free5gc/free5gc/issues/803 issue-tracking
https://github.com/free5gc/pcf/pull/62 issue-tracking
https://github.com/free5gc/free5gc/issues/803#issue-3815770007 issue-trackingexploit
https://github.com/free5gc/pcf/commit/df535f5524314620715e842baf9723efbeb481a7 patch
https://github.com/free5gc/pcf/ product

Affected products

pcf

==1.4.0
==1.4.1

Matching in nixpkgs

pkgs.cpcfs

Manipulating CPC dsk images and files

nixos-unstable 0.85.4
- nixpkgs-unstable 0.85.4
- nixos-unstable-small 0.85.4
nixos-25.11 -
- nixos-25.11-small 0.85.4
- nixpkgs-25.11-darwin 0.85.4

pkgs.bdftopcf

Converts X font from Bitmap Distribution Format to Portable Compiled Format

nixos-unstable 1.1.2
- nixpkgs-unstable 1.1.2
- nixos-unstable-small 1.1.2
nixos-25.11 -
- nixos-25.11-small 1.1.2
- nixpkgs-25.11-darwin 1.1.2

pkgs.xorg.bdftopcf

None

nixos-unstable 1.1.2
- nixpkgs-unstable 1.1.2
- nixos-unstable-small 1.1.2
nixos-25.11 -
- nixos-25.11-small 1.1.2
- nixpkgs-25.11-darwin 1.1.2

pkgs.libretro.beetle-pcfx

Port of Mednafen's PCFX core to libretro

nixos-unstable 0-unstable-2024-10-21
- nixpkgs-unstable 0-unstable-2024-10-21
- nixos-unstable-small 0-unstable-2024-10-21
nixos-25.11 -
- nixos-25.11-small 0-unstable-2024-10-21
- nixpkgs-25.11-darwin 0-unstable-2024-10-21

pkgs.python312Packages.pcffont

A library for manipulating Portable Compiled Format (PCF) Fonts

nixos-unstable 0.0.21
nixos-25.11 -
- nixos-25.11-small 0.0.21
- nixpkgs-25.11-darwin 0.0.21

pkgs.python313Packages.pcffont

A library for manipulating Portable Compiled Format (PCF) Fonts

nixos-unstable 0.0.21
- nixpkgs-unstable 0.0.21
- nixos-unstable-small 0.0.21
nixos-25.11 -
- nixos-25.11-small 0.0.21
- nixpkgs-25.11-darwin 0.0.21

pkgs.python314Packages.pcffont

Library for manipulating Portable Compiled Format (PCF) Fonts

nixos-unstable -
- nixpkgs-unstable 0.0.21
- nixos-unstable-small 0.0.21

Package maintainers

@hrdinka Christoph Hrdinka <c.nix@hrdinka.at>
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
@aanderse Aaron Andersen <aaron@fosslib.net>
@thiagokokada Thiago K. Okada <thiagokokada@gmail.com>
@TakWolf TakWolf <takwolf@foxmail.com>
@h7x4 h7x4 <h7x4@nani.wtf>

1