Nixpkgs security tracker

Untriaged

Permalink CVE-2025-66037

3.9 LOW

CVSS version: 3.1
Attack vector (AV): PHYSICAL
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 2 weeks, 5 days ago

OpenSC: Out of Bounds vulnerability

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allocates a zero-length buffer and then reads one byte past the end of that allocation. This issue has been patched in version 0.27.0.

References

https://github.com/OpenSC/OpenSC/security/advisories/GHSA-m58q-rmjm-mmfx x_refsource_CONFIRM
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037 x_refsource_MISC

Affected products

OpenSC

==< 0.27.0

Matching in nixpkgs

pkgs.opensc

Set of libraries and utilities to access smart cards

nixos-unstable 0.26.1
- nixpkgs-unstable 0.26.1
- nixos-unstable-small 0.26.1
nixos-25.11 0.26.1
- nixos-25.11-small 0.26.1
- nixpkgs-25.11-darwin 0.26.1

pkgs.openscad

3D parametric model compiler

nixos-unstable 2021.01
- nixpkgs-unstable 2021.01
- nixos-unstable-small 2021.01
nixos-25.11 2021.01
- nixos-25.11-small 2021.01
- nixpkgs-25.11-darwin 2021.01

pkgs.openscap

NIST Certified SCAP 1.2 toolkit

nixos-unstable 1.4.2
- nixpkgs-unstable 1.4.2
- nixos-unstable-small 1.4.2
nixos-25.11 1.4.2
- nixos-25.11-small 1.4.2
- nixpkgs-25.11-darwin 1.4.2

pkgs.openscreen

Free, open-source alternative to Screen Studio (sort of)

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.openscad-lsp

LSP (Language Server Protocol) server for OpenSCAD

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1
nixos-25.11 2.0.1
- nixos-25.11-small 2.0.1
- nixpkgs-25.11-darwin 2.0.1

pkgs.openscenegraph

3D graphics toolkit

nixos-unstable 3.6.5
- nixpkgs-unstable 3.6.5
- nixos-unstable-small 3.6.5
nixos-25.11 3.6.5
- nixos-25.11-small 3.6.5
- nixpkgs-25.11-darwin 3.6.5

pkgs.openscad-unstable

3D parametric model compiler (unstable)

nixos-unstable 2021.01-unstable-2026-02-25
- nixpkgs-unstable 2021.01-unstable-2026-02-25
- nixos-unstable-small 2021.01-unstable-2026-02-25
nixos-25.11 2021.01-unstable-2025-10-27
- nixos-25.11-small 2021.01-unstable-2025-10-27
- nixpkgs-25.11-darwin 2021.01-unstable-2025-10-27

pkgs.kakounePlugins.openscad-kak

None

nixos-unstable 2020-12-10
- nixpkgs-unstable 2020-12-10
- nixos-unstable-small 2020-12-10
nixos-25.11 2020-12-10
- nixos-25.11-small 2020-12-10
- nixpkgs-25.11-darwin 2020-12-10