Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: rizin

Found 5 matching suggestions

View:
Compact
Detailed
Published
Permalink CVE-2026-22780
4.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
updated 1 month, 3 weeks ago by @jopejoe1 Activity log
  • Created automatic suggestion 1 month, 3 weeks ago
  • @jopejoe1 removed
    2 packages
    • rizinPlugins.sigdb
    • cutterPlugins.sigdb
    1 month, 3 weeks ago
  • @jopejoe1 accepted 1 month, 3 weeks ago
  • @jopejoe1 removed maintainer @chayleaf 1 month, 3 weeks ago
  • @jopejoe1 published on GitHub 1 month, 3 weeks ago
Rizin has a heap overflow on mach0_chained_fixups.c

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2.

References

Affected products

rizin
  • ==< 0.8.2

Matching in nixpkgs

pkgs.rizin

UNIX-like reverse engineering framework and command-line toolset

Package maintainers

Upstream fix: https://github.com/rizinorg/rizin/releases/tag/v0.8.2
Upstream advisory: https://github.com/rizinorg/rizin/security/advisories/GHSA-f3v7-xhmj-9cjj
Unstable fix: https://github.com/NixOS/nixpkgs/pull/486103
Untriaged
Permalink CVE-2023-25585
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 1 week ago
Field `file_table` of `struct module *module` is uninitialized

A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.

References

Affected products

rizin
insight
radare2
binutils
mingw-binutils
gcc-toolset-11-binutils
gcc-toolset-12-binutils

Matching in nixpkgs

pkgs.rizin

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.bintools

System binary utilities (wrapper script)

  • nixos-unstable -

pkgs.binutils

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutilsNoLibc

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.cargo-binutils

Cargo subcommands to invoke the LLVM tools shipped with the Rust toolchain

  • nixos-unstable -

pkgs.binutils_nogold

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutils-unwrapped

Tools for manipulating binaries (linker, assembler, etc.)

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2023-25584
6.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 1 week ago
Out of bounds read in parse_module function in bfd/vms-alpha.c

An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

References

Affected products

rizin
insight
radare2
binutils
mingw-binutils
gcc-toolset-11-gdb
gcc-toolset-12-gdb
gcc-toolset-11-binutils
gcc-toolset-12-binutils

Matching in nixpkgs

pkgs.rizin

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.bintools

System binary utilities (wrapper script)

  • nixos-unstable -

pkgs.binutils

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutilsNoLibc

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.cargo-binutils

Cargo subcommands to invoke the LLVM tools shipped with the Rust toolchain

  • nixos-unstable -

pkgs.binutils_nogold

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutils-unwrapped

Tools for manipulating binaries (linker, assembler, etc.)

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2023-25588
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 1 week ago
Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.

References

Affected products

rizin
insight
radare2
binutils
mingw-binutils
gcc-toolset-11-binutils
gcc-toolset-12-binutils

Matching in nixpkgs

pkgs.rizin

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.bintools

System binary utilities (wrapper script)

  • nixos-unstable -

pkgs.binutils

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutilsNoLibc

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.cargo-binutils

Cargo subcommands to invoke the LLVM tools shipped with the Rust toolchain

  • nixos-unstable -

pkgs.binutils_nogold

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutils-unwrapped

Tools for manipulating binaries (linker, assembler, etc.)

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2023-25586
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 1 week ago
Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized

A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.

References

Affected products

gdb
rizin
insight
radare2
binutils
mingw-binutils
gcc-toolset-11-gdb
gcc-toolset-12-gdb
gcc-toolset-11-binutils
gcc-toolset-12-binutils

Matching in nixpkgs

pkgs.gdb

GNU Project debugger

  • nixos-unstable -

pkgs.cgdb

Curses interface to gdb

  • nixos-unstable -

pkgs.gdbm

GNU dbm key/value database library

  • nixos-unstable -

pkgs.rizin

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.xxgdb

Simple but powerful graphical interface to gdb

  • nixos-unstable -

pkgs.gdbgui

Browser-based frontend for GDB

pkgs.eggdbus

D-Bus bindings for GObject

  • nixos-unstable -

pkgs.gdbuspp

GDBus++ - a glib2 D-Bus wrapper for C++

  • nixos-unstable -
    • nixpkgs-unstable 3

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

  • nixos-unstable -

pkgs.sgdboop

Applying custom artwork to Steam, using SteamGridDB

  • nixos-unstable -

pkgs.bintools

System binary utilities (wrapper script)

  • nixos-unstable -

pkgs.binutils

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.gdb-dashboard

Modular visual interface for GDB in Python

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.binutilsNoLibc

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.cargo-binutils

Cargo subcommands to invoke the LLVM tools shipped with the Rust toolchain

  • nixos-unstable -

pkgs.binutils_nogold

Tools for manipulating binaries (linker, assembler, etc.) (wrapper script)

  • nixos-unstable -

pkgs.binutils-unwrapped

Tools for manipulating binaries (linker, assembler, etc.)

  • nixos-unstable -

pkgs.cudaPackages.cuda_gdb

CUDA GDB. By downloading and using the packages you accept the terms and conditions of the CUDA EULA

Package maintainers