Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-25139

created 2 months, 2 weeks ago Activity log

Created suggestion 2 months, 2 weeks ago

RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to read adjacent memory locations, or crash a vulnerable device running the 6LoWPAN stack. The received packet is cast into a sixlowpan_sfr_rfrag_t struct and dereferenced without validating the packet is large enough to contain the struct object. At time of publication, no known patch exists.

References

https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-c8fh-23qr-97mc x_refsource_CONFIRM

Affected products

RIOT

==<= 2025.10

Matching in nixpkgs

pkgs.aisleriot

Collection of patience games written in guile scheme

nixos-unstable -
- nixpkgs-unstable 3.22.35
nixos-25.11 3.22.35

pkgs.riot-redis

Get data in and out of Redis

nixos-unstable -
- nixpkgs-unstable 2.19.0
nixos-25.11 2.19.0

pkgs.superiotool

User-space utility to detect Super I/O of a mainboard and provide detailed information about the register contents of the Super I/O

nixos-unstable -
- nixpkgs-unstable 25.12
nixos-25.11 25.09

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@wesnel Wesley Nelson <wgn@wesnel.dev>
@felixsinger Felix Singer <felixsinger@posteo.net>
@jmbaur Jared Baur <jaredbaur@fastmail.com>