Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: polkit

Found 3 matching suggestions

Permalink CVE-2025-7519
created 4 months, 3 weeks ago
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

Affected products

rhcos
polkit
  • =<126

Matching in nixpkgs

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -
Permalink CVE-2025-4432
created 4 months, 3 weeks ago
Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received.

Affected products

gjs
ring
  • <0.17.12
rust
polkit
firefox
snpguest
rpm-ostree
thunderbird
python-maturin
kata-containers
python3.12-maturin
rhtas/tuffer-rhel9
rhtas/tuftool-rhel9
firefox:flatpak/firefox
trustee-guest-components
thunderbird:flatpak/thunderbird
rhtpa/rhtpa-trustification-service-rhel9

Matching in nixpkgs

pkgs.gjs

JavaScript bindings for GNOME

  • nixos-unstable -

pkgs.irust

Cross Platform Rust Repl

  • nixos-unstable -

pkgs.mrustc

Mutabah's Rust Compiler

  • nixos-unstable -

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.rustup

Rust toolchain installer

  • nixos-unstable -

pkgs.rustus

TUS protocol implementation in Rust

  • nixos-unstable -

pkgs.rustcat

Port listener and reverse shell

  • nixos-unstable -

pkgs.rustfmt

Tool for formatting Rust code according to style guidelines

  • nixos-unstable -

pkgs.rustdesk

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

  • nixos-unstable -

pkgs.rustical

Yet another calendar server aiming to be simple, fast and passwordless

  • nixos-unstable -

pkgs.rustscan

Faster Nmap Scanning with Rust

  • nixos-unstable -

pkgs.rustycli

Access the rust playground right in terminal

  • nixos-unstable -

pkgs.snpguest

CLI tool for interacting with SEV-SNP guest environment

  • nixos-unstable -

pkgs.svd2rust

Generate Rust register maps (`struct`s) from SVD files

  • nixos-unstable -

pkgs.hath-rust

Unofficial Hentai@Home client written in Rust

  • nixos-unstable -

pkgs.rust-motd

Beautiful, useful MOTD generation with zero runtime dependencies

  • nixos-unstable -

pkgs.rustdress

Self-hosted Lightning Address Server

  • nixos-unstable -

pkgs.rusti-cal

Minimal command line calendar, similar to cal

  • nixos-unstable -

pkgs.rustic-rs

Fast, encrypted, deduplicated backups powered by pure Rust

  • nixos-unstable -

pkgs.rustlings

Explore the Rust programming language and learn more about it while doing exercises

  • nixos-unstable -

pkgs.rusty-man

Command-line viewer for documentation generated by rustdoc

  • nixos-unstable -

pkgs.rusty-psn

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

  • nixos-unstable -

pkgs.rustywind

CLI for organizing Tailwind CSS classes

  • nixos-unstable -

pkgs.xulrunner

Web browser built from Firefox source tree

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

  • nixos-unstable -

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

  • nixos-unstable -

pkgs.rustfinity

CLI for Rustfinity challenges solving

  • nixos-unstable -

pkgs.rustpython

Python 3 interpreter in written Rust

  • nixos-unstable -

pkgs.rusty-bash

Bash written with Rust, a.k.a. sushi shell

  • nixos-unstable -

pkgs.rustypaste

Minimal file upload/pastebin service

  • nixos-unstable -

pkgs.slowlorust

Lightweight slowloris (HTTP DoS) tool

  • nixos-unstable -

pkgs.trustymail

Tool to scan domains and return data based on trustworthy email best practices

  • nixos-unstable -

pkgs.uncrustify

Source code beautifier for C, C++, C#, ObjectiveC, D, Java, Pawn and VALA

  • nixos-unstable -

pkgs.ff2mpv-rust

Native messaging host for ff2mpv written in Rust

  • nixos-unstable -

pkgs.rust-script

Run Rust files and expressions as scripts without any setup or compilation step

  • nixos-unstable -

pkgs.rustmission

TUI for the Transmission daemon

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -

pkgs.rust-bindgen

Automatically generates Rust FFI bindings to C (and some C++) libraries

  • nixos-unstable -

pkgs.rust-petname

Generate human readable random names

  • nixos-unstable -

pkgs.rustc-wasm32

Safe, concurrent, practical language (wrapper script)

  • nixos-unstable -

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.i3status-rust

Very resource-friendly and feature-rich replacement for i3status

  • nixos-unstable -

pkgs.rust-cbindgen

Project for generating C bindings from Rust code

  • nixos-unstable -

pkgs.rust-parallel

Rust shell tool to run commands in parallel with a similar interface to GNU parallel

  • nixos-unstable -

pkgs.rustls-libssl

Partial reimplementation of the OpenSSL 3 libssl ABI using rustls

  • nixos-unstable -

pkgs.rusty-psn-gui

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

  • nixos-unstable -

pkgs.starlark-rust

Rust implementation of the Starlark language

  • nixos-unstable -

pkgs.svd2rust-form

Library for splitting apart a large file with multiple modules into the idiomatic rust directory structure

  • nixos-unstable -

pkgs.aw-server-rust

High-performance implementation of the ActivityWatch server, written in Rust

  • nixos-unstable -

pkgs.doh-proxy-rust

Fast, mature, secure DoH server proxy written in Rust

  • nixos-unstable -

pkgs.faust2jackrust

The faust2jackrust script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.rusty-diceware

Commandline diceware, with or without dice, written in Rustlang

  • nixos-unstable -

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

  • nixos-unstable -

pkgs.rust-audit-info

Command-line tool to extract the dependency trees embedded in binaries by cargo-auditable

  • nixos-unstable -

pkgs.rust-streamdeck

ibusb based driver for Elgato StreamDeck devices

  • nixos-unstable -

pkgs.rustdesk-flutter

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

  • nixos-unstable -

pkgs.lomiri.trust-store

Common implementation of a trust store to be used by trusted helpers

  • nixos-unstable -

pkgs.piping-server-rust

Infinitely transfer between every device over pure HTTP with pipes or browsers

  • nixos-unstable -

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

  • nixos-unstable -

pkgs.luaPackages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

Package maintainers

Permalink CVE-2025-3416
created 4 months, 3 weeks ago
Openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.

Affected products

gjs
polkit
firefox
mozjs60
openssl
rpm-ostree
389-ds-base
rust-bootupd
rust-openssl
  • <0.10.72
mingw-openssl
kata-containers
keylime-agent-rust
rhtas/tuffer-rhel9
rhtas/tuftool-rhel9
389-ds:1.4/389-ds-base
firefox:flatpak/firefox
python3.12-cryptography
redhat-ds:11/389-ds-base
redhat-ds:12/389-ds-base
rhtpa/rhtpa-trustification-service-rhel9

Matching in nixpkgs

pkgs.gjs

JavaScript bindings for GNOME

  • nixos-unstable -

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.openssl

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.xulrunner

Web browser built from Firefox source tree

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

  • nixos-unstable -

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

  • nixos-unstable -

pkgs.openssl_1_1

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.openssl_3_0

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.openssl_3_5

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -

pkgs.tpm2-openssl

OpenSSL Provider for TPM2 integration

  • nixos-unstable -

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.openssl_legacy

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

  • nixos-unstable -

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

  • nixos-unstable -

Package maintainers