Nixpkgs security tracker

Permalink CVE-2026-7598

7.3 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): Low (L)
Exploit Code Maturity (E): Not Defined (X)
Remediation Level (RL): Official Fix (O)
Report Confidence (RC): Confirmed (C)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): Low (L)

updated 3 weeks, 2 days ago by @LeSuisse Activity log

Created suggestion 3 weeks, 2 days ago
@LeSuisse ignored
3 packages
- haskellPackages.libssh2
- haskellPackages.libssh2-conduit
- tests.pkg-config.defaultPkgConfigPackages.libssh2
3 weeks, 2 days ago
@LeSuisse ignored
4 references
3 weeks, 2 days ago
@LeSuisse accepted 3 weeks, 2 days ago
@LeSuisse published on GitHub 3 weeks, 2 days ago

libssh2 userauth.c userauth_password integer overflow

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.

References

https://github.com/libssh2/libssh2/pull/1858 issue-trackingpatch
https://github.com/libssh2/libssh2/commit/256d04b60d80bf1190e96b0ad1e91b2174d74… patch

Ignored references (4)

VDB-360555 | libssh2 userauth.c userauth_password integer overflow vdb-entrytechnical-description
VDB-360555 | CTI Indicators (IOB, IOC, IOA) signaturepermissions-required
Submit #805564 | libssh2 <= 1.11.1 Integer Overflow third-party-advisory
https://github.com/libssh2/libssh2/ product

Affected products

libssh2

==1.11.0
==1.11.1

Matching in nixpkgs

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

nixos-unstable 1.11.1
- nixpkgs-unstable 1.11.1
- nixos-unstable-small 1.11.1
nixos-25.11 1.11.1
- nixos-25.11-small 1.11.1
- nixpkgs-25.11-darwin 1.11.1

Ignored packages (3)

pkgs.haskellPackages.libssh2

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

nixos-unstable 0.2.0.9-unstable-2025-04-03
- nixpkgs-unstable 0.2.0.9-unstable-2025-04-03
- nixos-unstable-small 0.2.0.9-unstable-2025-04-03
nixos-25.11 0.2.0.9-unstable-2025-04-03
- nixos-25.11-small 0.2.0.9-unstable-2025-04-03
- nixpkgs-25.11-darwin 0.2.0.9-unstable-2025-04-03

pkgs.haskellPackages.libssh2-conduit

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1
nixos-25.11 0.2.1
- nixos-25.11-small 0.2.1
- nixpkgs-25.11-darwin 0.2.1

pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2

Test whether libssh2-1.11.1 exposes pkg-config modules libssh2

nixos-unstable libssh2
- nixpkgs-unstable libssh2
- nixos-unstable-small libssh2
nixos-25.11 libssh2
- nixos-25.11-small libssh2
- nixpkgs-25.11-darwin libssh2

Package maintainers

@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

Suggestions search