Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: mkinitcpio-nfs-utils

Found 4 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2025-12801
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 month, 1 week ago
Nfs-utils: rpc.mountd in the nfs-utils privilege escalation

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.

References

Affected products

rhcos
nfs-utils
nfs-utils-lib

Matching in nixpkgs

pkgs.mkinitcpio-nfs-utils

ipconfig and nfsmount tools for root on NFS, ported from klibc

  • nixos-unstable 0.3
    • nixpkgs-unstable 0.3
    • nixos-unstable-small 0.3
  • nixos-25.11 0.3
    • nixos-25.11-small 0.3
    • nixpkgs-25.11-darwin 0.3

Package maintainers

Untriaged
Permalink CVE-1999-0084
8.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 4 weeks ago
Certain NFS servers allow users to use mknod to gain …

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.

References

Affected products

n/a
  • ==n/a
nfs
  • <4.1.3

Matching in nixpkgs

pkgs.svnfs

FUSE filesystem for accessing Subversion repositories

  • nixos-unstable 0.4
    • nixpkgs-unstable 0.4
    • nixos-unstable-small 0.4
  • nixos-25.11 0.4
    • nixos-25.11-small 0.4
    • nixpkgs-25.11-darwin 0.4

pkgs.openfst

Library for working with finite-state transducers

pkgs.nfstrace

NFS and CIFS tracing/monitoring/capturing/analyzing tool

pkgs.nfs-ganesha

NFS server that runs in user space

  • nixos-unstable 9.5
    • nixpkgs-unstable 9.5
    • nixos-unstable-small 9.5
  • nixos-25.11 6.5
    • nixos-25.11-small 6.5
    • nixpkgs-25.11-darwin 6.5

pkgs.unionfs-fuse

FUSE UnionFS implementation

  • nixos-unstable 3.7
    • nixpkgs-unstable 3.7
    • nixos-unstable-small 3.7
  • nixos-25.11 3.7
    • nixos-25.11-small 3.7
    • nixpkgs-25.11-darwin 3.7

pkgs.mkinitcpio-nfs-utils

ipconfig and nfsmount tools for root on NFS, ported from klibc

  • nixos-unstable 0.3
    • nixpkgs-unstable 0.3
    • nixos-unstable-small 0.3
  • nixos-25.11 0.3
    • nixos-25.11-small 0.3
    • nixpkgs-25.11-darwin 0.3

Package maintainers

Untriaged
Permalink CVE-2023-7207
4.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year, 2 months ago
Debian's cpio contains a path traversal vulnerability. This issue was …

Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.

References

Affected products

cpio
  • <2.14+dfsg-1

Matching in nixpkgs

pkgs.cpio

Program to create or extract from cpio archives

  • nixos-unstable 2.15
    • nixpkgs-unstable 2.15
    • nixos-unstable-small 2.15

pkgs.mkinitcpio-nfs-utils

ipconfig and nfsmount tools for root on NFS, ported from klibc

  • nixos-unstable 0.3
    • nixpkgs-unstable 0.3
    • nixos-unstable-small 0.3

Package maintainers

Untriaged
Permalink CVE-2023-7216
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 year, 2 months ago
Cpio: extraction allows symlinks which enables remote command execution

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

References

Affected products

cpio

Matching in nixpkgs

pkgs.cpio

Program to create or extract from cpio archives

  • nixos-unstable 2.15
    • nixpkgs-unstable 2.15
    • nixos-unstable-small 2.15

pkgs.mkinitcpio-nfs-utils

ipconfig and nfsmount tools for root on NFS, ported from klibc

  • nixos-unstable 0.3
    • nixpkgs-unstable 0.3
    • nixos-unstable-small 0.3

Package maintainers