Nixpkgs security tracker

Permalink CVE-2026-32746

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 3 months, 1 week ago by @LeSuisse Activity log

Created suggestion 3 months, 1 week ago
@LeSuisse accepted 3 months, 1 week ago
@LeSuisse published on GitHub 3 months, 1 week ago

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write …

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

References

Affected products

inetutils

=<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

nixos-unstable 2.7
- nixpkgs-unstable 2.7
- nixos-unstable-small 2.7

Upstream patch: https://codeberg.org/inetutils/inetutils/commit/6864598a29b652a6b69a958f5cd1318aa2b258af

Permalink CVE-2026-32772

3.4 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 3 months, 1 week ago by @LeSuisse Activity log

Created suggestion 3 months, 1 week ago
@LeSuisse accepted 3 months, 1 week ago
@LeSuisse published on GitHub 3 months, 1 week ago

telnet in GNU inetutils through 2.7 allows servers to read …

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

References

https://www.openwall.com/lists/oss-security/2026/03/13/1

Affected products

inetutils

=<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

nixos-unstable 2.7
- nixpkgs-unstable 2.7
- nixos-unstable-small 2.7

Upstream discussion: https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00038.html
OSS Sec thread: https://www.openwall.com/lists/oss-security/2026/03/13/1

Permalink CVE-2026-28372

7.4 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 3 months, 4 weeks ago by @anthonyroussel Activity log

Created suggestion 3 months, 4 weeks ago
@anthonyroussel accepted 3 months, 4 weeks ago
@anthonyroussel published on GitHub 3 months, 4 weeks ago

telnetd in GNU inetutils through 2.7 allows privilege escalation that …

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

References

Affected products

inetutils

=<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

nixos-unstable 2.7
- nixpkgs-unstable 2.7
- nixos-unstable-small 2.7

Upstream advisory: https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html
Upstream patch: https://cgit.git.savannah.gnu.org/cgit/inetutils.git/commit/?id=4db2f19f4caac03c7f4da6363c140bd70df31386

Permalink CVE-2026-24061

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 5 months ago by @LeSuisse Activity log

Created suggestion 5 months ago
@LeSuisse accepted 5 months ago
@LeSuisse published on GitHub 5 months ago

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass …

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

References

Affected products

Inetutils

=<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

nixos-unstable 2.6
- nixpkgs-unstable 2.6
- nixos-unstable-small 2.6

Package maintainers

@matthewbauer Matthew Bauer <mjbauer95@gmail.com>

Upstream advisory: https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.inetutils

References

Affected products

Matching in nixpkgs

pkgs.inetutils

References

Affected products

Matching in nixpkgs

pkgs.inetutils

References

Affected products

Matching in nixpkgs

pkgs.inetutils

Package maintainers