Nixpkgs security tracker

Login with GitHub

Suggestions search

With package: nltk-data.maxent-treebank-pos-tagger-tab

Found 10 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-42490
6.5 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
created 2 weeks, 6 days ago Activity log
  • Created suggestion
domctl lock open to abuse

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is, however, not providing any fairness. This is CVE-2026-42489. Furthermore, with XSM/Flask in use, the lock acquire will, for some operations, occur ahead of any permission checking. This is CVE-2026-42490.

Affected products

Xen
  • ==consult Xen advisory XSA-492

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
  • nixos-unstable -
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
Untriaged
Permalink CVE-2026-42489
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): High (H)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): High (H)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
created 2 weeks, 6 days ago Activity log
  • Created suggestion
domctl lock open to abuse

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is, however, not providing any fairness. This is CVE-2026-42489. Furthermore, with XSM/Flask in use, the lock acquire will, for some operations, occur ahead of any permission checking. This is CVE-2026-42490.

Affected products

Xen
  • ==consult Xen advisory XSA-492

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
  • nixos-unstable -
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
Untriaged
Permalink CVE-2026-42487
7.9 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): High (H)
created 2 weeks, 6 days ago Activity log
  • Created suggestion
x86 HVM I/O port list traversal

HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model (via XEN_DOMCTL_ioport_mapping), and hence the linked list used may changed at any time. Traversal of those lists (while handling guest I/O port accesses) therefore needs synchronizing with updates, which was missing so far.

Affected products

Xen
  • ==consult Xen advisory XSA-491

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
  • nixos-unstable -
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
Untriaged
Permalink CVE-2026-42488
8.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 2 weeks, 6 days ago Activity log
  • Created suggestion
x86: mismatched mapcache metadata

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache.

Affected products

Xen
  • ==consult Xen advisory XSA-494

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
  • nixos-unstable -
    • nixos-unstable-small
  • nixos-26.05 -
    • nixos-26.05-small
    • nixpkgs-26.05-darwin
Dismissed
Permalink CVE-2026-23558
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 1 month, 2 weeks ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
grant table v2 race in status page mapping

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status page(s) via XENMEM_add_to_physmap. Some of the status pages may then be freed while mappings of them would still be inserted into the guest's secondary (P2M) page tables.

Affected products

Xen
  • ==consult Xen advisory XSA-486

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
Already patched in all branches.
Dismissed
Permalink CVE-2026-23557
6.5 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 1 month, 2 weeks ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
Xenstored DoS via XS_RESET_WATCHES command

Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will happen, as assert() is doing nothing in this case. Note that the default is not to define NDEBUG for xenstored builds even in release builds of Xen.

Affected products

Xen
  • ==consult Xen advisory XSA-484

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
Already patched in all branches.
Dismissed
Permalink CVE-2026-23554
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 2 months, 1 week ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
Use after free of paging structures in EPT

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and can result in freed pages transiently being present in cached state. Such stale entries can point to memory ranges not owned by the guest, thus allowing access to unintended memory regions.

Affected products

Xen
  • ==consult Xen advisory XSA-480

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
Already fixed.
Dismissed
Permalink CVE-2026-23555
7.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 2 months, 1 week ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
Xenstored DoS by unprivileged domain

Any guest issuing a Xenstore command accessing a node using the (illegal) node path "/local/domain/", will crash xenstored due to a clobbered error indicator in xenstored when verifying the node path. Note that the crash is forced via a failing assert() statement in xenstored. In case xenstored is being built with NDEBUG #defined, an unprivileged guest trying to access the node path "/local/domain/" will result in it no longer being serviced by xenstored, other guests (including dom0) will still be serviced, but xenstored will use up all cpu time it can get.

Affected products

Xen
  • ==consult Xen advisory XSA-481

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
Already fixed.
Dismissed
Permalink CVE-2025-58150
8.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 5 months, 1 week ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.

Affected products

Xen
  • ==consult Xen advisory XSA-477

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

Package maintainers

Already fixed.
Dismissed
Permalink CVE-2026-23553
2.9 LOW
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 5 months, 1 week ago by @SigmaSquadron Activity log
  • Created suggestion
  • @SigmaSquadron dismissed
x86: incomplete IBPB for vCPU isolation

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1) vCPU runs on CPU A, running task 1. 2) vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB. 3) On CPU B, guest kernel switches from task 1 to 2, issuing IBPB. 4) vCPU moves back to CPU A. Xen skips IBPB again. Now, task 2 is running on CPU A with task 1's training still in the BTB.

Affected products

Xen
  • ==consult Xen advisory XSA-479

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenon

Monitoring tool based on radon

pkgs.hhexen

Linux port of Raven Game's Hexen

pkgs.uhexen2

Cross-platform port of Hexen II game

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

Package maintainers

Already fixed.