Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: glibc_memusage

Found 10 matching suggestions

Permalink CVE-2025-4056
created 4 months, 3 weeks ago
Glib: glib crash after long command line

A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines.

Affected products

glib
  • <2.84.1
bootc
glib2
loupe
librsvg2
mingw-glib2
glycin-loaders

Matching in nixpkgs

pkgs.glib

C library of programming buildings blocks

  • nixos-unstable -

pkgs.libc

GNU C Library

pkgs.bootc

Boot and upgrade via container images

  • nixos-unstable -

pkgs.loupe

Simple image viewer application written with GTK4 and Rust

  • nixos-unstable -

pkgs.alglib

Numerical analysis and data processing library

  • nixos-unstable -

pkgs.glibmm

C++ interface to the GLib library

  • nixos-unstable -

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.spglib

C library for finding and handling crystal symmetries

  • nixos-unstable -

pkgs.taglib

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.taglib_1

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.dbus-glib

Obsolete glib bindings for D-Bus lightweight IPC mechanism

  • nixos-unstable -

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.json-glib

Library providing (de)serialization support for the JavaScript Object Notation (JSON) format

  • nixos-unstable -

pkgs.i3ipc-glib

C interface library to i3wm

  • nixos-unstable -

pkgs.libdbusmenu

Library for passing menu structures across DBus

pkgs.libzim-glib

Partial GObject/C bindings for libzim

  • nixos-unstable -

pkgs.glib-testing

Test library providing test harnesses and mock classes complementing the classes provided by GLib

  • nixos-unstable -

pkgs.jsonrpc-glib

Library to communicate using the JSON-RPC 2.0 specification

  • nixos-unstable -

pkgs.libgit2-glib

Glib wrapper library around the libgit2 git access library

  • nixos-unstable -

pkgs.libqrtr-glib

Qualcomm IPC Router protocol helper library

  • nixos-unstable -

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

  • nixos-unstable -

pkgs.podman-bootc

Streamlining podman+bootc interactions

  • nixos-unstable -

pkgs.taglib-sharp

Library for reading and writing metadata in media files

pkgs.template-glib

Library for template expansion which supports calling into GObject Introspection from templates

  • nixos-unstable -

pkgs.appstream-glib

Objects and helper methods to read and write AppStream metadata

  • nixos-unstable -

pkgs.geocode-glib_2

Convenience library for the geocoding and reverse geocoding using Nominatim service

  • nixos-unstable -

pkgs.libsignon-glib

Library for managing single signon credentials which can be used from GLib applications

  • nixos-unstable -

pkgs.libaccounts-glib

Library for managing accounts which can be used from GLib applications

  • nixos-unstable -

pkgs.haskellPackages.uu-parsinglib

Fast, online, error-correcting, monadic, applicative, merging, permuting, interleaving, idiomatic parser combinators

  • nixos-unstable -

pkgs.python312Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -

pkgs.python313Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -

Package maintainers

Permalink CVE-2025-8058
created 4 months, 3 weeks ago
The regcomp function in the GNU C library version from …

The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.

Affected products

glibc
  • <2.42
  • <2.43

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers

Permalink CVE-2023-32611
created 4 months, 3 weeks ago
G_variant_byteswap() can take a long time with some non-normal inputs

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.

Affected products

glib
glib2
mingw-glib2

Matching in nixpkgs

pkgs.glib

C library of programming buildings blocks

  • nixos-unstable -

pkgs.libc

GNU C Library

pkgs.alglib

Numerical analysis and data processing library

  • nixos-unstable -

pkgs.glibmm

C++ interface to the GLib library

  • nixos-unstable -

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.spglib

C library for finding and handling crystal symmetries

  • nixos-unstable -

pkgs.taglib

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.taglib_1

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.dbus-glib

Obsolete glib bindings for D-Bus lightweight IPC mechanism

  • nixos-unstable -

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.json-glib

Library providing (de)serialization support for the JavaScript Object Notation (JSON) format

  • nixos-unstable -

pkgs.i3ipc-glib

C interface library to i3wm

  • nixos-unstable -

pkgs.libdbusmenu

Library for passing menu structures across DBus

pkgs.libzim-glib

Partial GObject/C bindings for libzim

  • nixos-unstable -

pkgs.glib-testing

Test library providing test harnesses and mock classes complementing the classes provided by GLib

  • nixos-unstable -

pkgs.jsonrpc-glib

Library to communicate using the JSON-RPC 2.0 specification

  • nixos-unstable -

pkgs.libgit2-glib

Glib wrapper library around the libgit2 git access library

  • nixos-unstable -

pkgs.libqrtr-glib

Qualcomm IPC Router protocol helper library

  • nixos-unstable -

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

  • nixos-unstable -

pkgs.taglib-sharp

Library for reading and writing metadata in media files

pkgs.template-glib

Library for template expansion which supports calling into GObject Introspection from templates

  • nixos-unstable -

pkgs.appstream-glib

Objects and helper methods to read and write AppStream metadata

  • nixos-unstable -

pkgs.geocode-glib_2

Convenience library for the geocoding and reverse geocoding using Nominatim service

  • nixos-unstable -

pkgs.libsignon-glib

Library for managing single signon credentials which can be used from GLib applications

  • nixos-unstable -

pkgs.libaccounts-glib

Library for managing accounts which can be used from GLib applications

  • nixos-unstable -

pkgs.haskellPackages.uu-parsinglib

Fast, online, error-correcting, monadic, applicative, merging, permuting, interleaving, idiomatic parser combinators

  • nixos-unstable -

pkgs.python312Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -

pkgs.python313Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -
Permalink CVE-2023-29499
created 4 months, 3 weeks ago
Gvariant offset table entry size is not checked in is_normal()

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.

Affected products

glib
glib2
mingw-glib2

Matching in nixpkgs

pkgs.glib

C library of programming buildings blocks

  • nixos-unstable -

pkgs.libc

GNU C Library

pkgs.alglib

Numerical analysis and data processing library

  • nixos-unstable -

pkgs.glibmm

C++ interface to the GLib library

  • nixos-unstable -

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.spglib

C library for finding and handling crystal symmetries

  • nixos-unstable -

pkgs.taglib

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.taglib_1

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.dbus-glib

Obsolete glib bindings for D-Bus lightweight IPC mechanism

  • nixos-unstable -

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.json-glib

Library providing (de)serialization support for the JavaScript Object Notation (JSON) format

  • nixos-unstable -

pkgs.i3ipc-glib

C interface library to i3wm

  • nixos-unstable -

pkgs.libdbusmenu

Library for passing menu structures across DBus

pkgs.libzim-glib

Partial GObject/C bindings for libzim

  • nixos-unstable -

pkgs.glib-testing

Test library providing test harnesses and mock classes complementing the classes provided by GLib

  • nixos-unstable -

pkgs.jsonrpc-glib

Library to communicate using the JSON-RPC 2.0 specification

  • nixos-unstable -

pkgs.libgit2-glib

Glib wrapper library around the libgit2 git access library

  • nixos-unstable -

pkgs.libqrtr-glib

Qualcomm IPC Router protocol helper library

  • nixos-unstable -

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

  • nixos-unstable -

pkgs.taglib-sharp

Library for reading and writing metadata in media files

pkgs.template-glib

Library for template expansion which supports calling into GObject Introspection from templates

  • nixos-unstable -

pkgs.appstream-glib

Objects and helper methods to read and write AppStream metadata

  • nixos-unstable -

pkgs.geocode-glib_2

Convenience library for the geocoding and reverse geocoding using Nominatim service

  • nixos-unstable -

pkgs.libsignon-glib

Library for managing single signon credentials which can be used from GLib applications

  • nixos-unstable -

pkgs.libaccounts-glib

Library for managing accounts which can be used from GLib applications

  • nixos-unstable -

pkgs.haskellPackages.uu-parsinglib

Fast, online, error-correcting, monadic, applicative, merging, permuting, interleaving, idiomatic parser combinators

  • nixos-unstable -

pkgs.python312Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -

pkgs.python313Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -
Permalink CVE-2023-32665
created 4 months, 3 weeks ago
Gvariant deserialisation does not match spec for non-normal data

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

Affected products

glib
glib2
mingw-glib2

Matching in nixpkgs

pkgs.glib

C library of programming buildings blocks

  • nixos-unstable -

pkgs.libc

GNU C Library

pkgs.alglib

Numerical analysis and data processing library

  • nixos-unstable -

pkgs.glibmm

C++ interface to the GLib library

  • nixos-unstable -

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.spglib

C library for finding and handling crystal symmetries

  • nixos-unstable -

pkgs.taglib

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.taglib_1

Library for reading and editing audio file metadata

  • nixos-unstable -

pkgs.dbus-glib

Obsolete glib bindings for D-Bus lightweight IPC mechanism

  • nixos-unstable -

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.json-glib

Library providing (de)serialization support for the JavaScript Object Notation (JSON) format

  • nixos-unstable -

pkgs.i3ipc-glib

C interface library to i3wm

  • nixos-unstable -

pkgs.libdbusmenu

Library for passing menu structures across DBus

pkgs.libzim-glib

Partial GObject/C bindings for libzim

  • nixos-unstable -

pkgs.glib-testing

Test library providing test harnesses and mock classes complementing the classes provided by GLib

  • nixos-unstable -

pkgs.jsonrpc-glib

Library to communicate using the JSON-RPC 2.0 specification

  • nixos-unstable -

pkgs.libgit2-glib

Glib wrapper library around the libgit2 git access library

  • nixos-unstable -

pkgs.libqrtr-glib

Qualcomm IPC Router protocol helper library

  • nixos-unstable -

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

  • nixos-unstable -

pkgs.taglib-sharp

Library for reading and writing metadata in media files

pkgs.template-glib

Library for template expansion which supports calling into GObject Introspection from templates

  • nixos-unstable -

pkgs.appstream-glib

Objects and helper methods to read and write AppStream metadata

  • nixos-unstable -

pkgs.geocode-glib_2

Convenience library for the geocoding and reverse geocoding using Nominatim service

  • nixos-unstable -

pkgs.libsignon-glib

Library for managing single signon credentials which can be used from GLib applications

  • nixos-unstable -

pkgs.libaccounts-glib

Library for managing accounts which can be used from GLib applications

  • nixos-unstable -

pkgs.haskellPackages.uu-parsinglib

Fast, online, error-correcting, monadic, applicative, merging, permuting, interleaving, idiomatic parser combinators

  • nixos-unstable -

pkgs.python312Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -

pkgs.python313Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

  • nixos-unstable -
Permalink CVE-2023-6780
created 4 months, 3 weeks ago
Glibc: integer overflow in __vsyslog_internal()

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

Affected products

glibc
  • ==2.39
compat-glibc

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers

Permalink CVE-2023-6779
created 4 months, 3 weeks ago
Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.

Affected products

glibc
  • ==2.39
compat-glibc

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers

Permalink CVE-2023-6246
created 4 months, 3 weeks ago
Glibc: heap-based buffer overflow in __vsyslog_internal()

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

Affected products

glibc
  • ==2.39
compat-glibc

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers

Permalink CVE-2023-4527
created 4 months, 3 weeks ago
Glibc: stack read overflow in getaddrinfo in no-aaaa mode

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

Affected products

glibc
  • *
compat-glibc

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers

Permalink CVE-2023-4806
created 4 months, 3 weeks ago
Glibc: potential use-after-free in getaddrinfo()

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.

Affected products

glibc
  • *
compat-glibc

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcInfo

GNU Info manual of the GNU C Library

Package maintainers