Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-6069
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
CVE-2026-6069
NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
Affected products
NASM
- ==nasm-3.02rc5
Matching in nixpkgs
pkgs.nasm
80x86 and x86-64 assembler designed for portability and modularity
pkgs.nasmfmt
Formatter for NASM source files
-
nixos-unstable 2022-09-15
- nixpkgs-unstable 2022-09-15
- nixos-unstable-small 2022-09-15
-
nixos-25.11 2022-09-15
- nixos-25.11-small 2022-09-15
- nixpkgs-25.11-darwin 2022-09-15
pkgs.tree-sitter-grammars.tree-sitter-nasm
Tree-sitter grammar for nasm
-
nixos-unstable 0-unstable-2024-11-23
- nixpkgs-unstable 0-unstable-2024-11-23
- nixos-unstable-small 0-unstable-2024-11-23
pkgs.vimPlugins.nvim-treesitter-parsers.nasm
Tree-sitter grammar for nasm
-
nixos-unstable 0.0.0+rev=d1b3638
- nixpkgs-unstable 0.0.0+rev=d1b3638
- nixos-unstable-small 0.0.0+rev=d1b3638
pkgs.python313Packages.tree-sitter-grammars.tree-sitter-nasm
Python bindings for tree-sitter-nasm
-
nixos-unstable 0+unstable20241123
- nixpkgs-unstable 0+unstable20241123
- nixos-unstable-small 0+unstable20241123
pkgs.python314Packages.tree-sitter-grammars.tree-sitter-nasm
Python bindings for tree-sitter-nasm
-
nixos-unstable 0+unstable20241123
- nixpkgs-unstable 0+unstable20241123
- nixos-unstable-small 0+unstable20241123
Package maintainers
-
@pSub Pascal Wittmann <mail@pascal-wittmann.de>
-
@stepbrobd Yifei Sun <ysun@hey.com>
-
@mightyiam Shahar "Dawn" Or <mightyiampresence@gmail.com>
-
@A-jay98 Ali Jamadi <ali@jamadi.me>
-
@adfaure Adrien Faure <adfaure@pm.me>
-
@aciceri Andrea Ciceri <andrea.ciceri@autistici.org>