Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-1684

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 2 months, 2 weeks ago

Free5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of service

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcp_reports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to implement a patch to correct this issue.

References

VDB-343477 | Free5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of service vdb-entrytechnical-description
VDB-343477 | CTI Indicators (IOB, IOC, TTP, IOA) signaturepermissions-required
Submit #739655 | free5gc SMF v4.1.0 Denial of Service third-party-advisory
Submit #739656 | free5gc SMF v4.1.0 Denial of Service (Duplicate) third-party-advisory
https://github.com/free5gc/free5gc/issues/806 issue-tracking
https://github.com/free5gc/smf/pull/188 patchissue-tracking

Affected products

SMF

==4.0
==4.1.0

Matching in nixpkgs

pkgs.smfh

Sleek Manifest File Handler

nixos-unstable 1.1
- nixpkgs-unstable 1.1
- nixos-unstable-small 1.1
nixos-25.11 1.3
- nixpkgs-25.11-darwin 1.3

pkgs.asmfmt

Go assembler formatter

nixos-unstable 1.3.2
- nixpkgs-unstable 1.3.2
- nixos-unstable-small 1.3.2
nixos-25.11 1.3.2
- nixpkgs-25.11-darwin 1.3.2

pkgs.libsmf

C library for reading and writing Standard MIDI Files

nixos-unstable 1.3
- nixpkgs-unstable 1.3
- nixos-unstable-small 1.3
nixos-25.11 1.3
- nixpkgs-25.11-darwin 1.3

pkgs.nasmfmt

Formatter for NASM source files

nixos-unstable 2022-09-15
- nixpkgs-unstable 2022-09-15
- nixos-unstable-small 2022-09-15
nixos-25.11 2022-09-15
- nixpkgs-25.11-darwin 2022-09-15

pkgs.mt32emu-smf2wav

Produces a WAVE file from a Standard MIDI file (SMF)

nixos-unstable smf2wav-1.9.0
- nixpkgs-unstable smf2wav-1.9.0
- nixos-unstable-small smf2wav-1.9.0
nixos-25.11 smf2wav-1.9.0
- nixpkgs-25.11-darwin smf2wav-1.9.0

pkgs.python312Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python313Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixpkgs-25.11-darwin 0.1.1

Package maintainers

@kalbasit Wael Nasreddine <wael.nasreddine@gmail.com>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@Gerg-L Greg Leyda <gregleyda@proton.me>
@arthsmn Arthur Cerqueira