Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: smartdns

Found 1 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-1425
5.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
created 2 months, 3 weeks ago
pymumu SmartDNS SVBC Record dns.c _dns_decode_SVCB_HTTPS stack-based overflow

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The patch is identified as 2d57c4b4e1add9b4537aeb403f794a084727e1c8. Applying a patch is advised to resolve this issue.

Affected products

SmartDNS
  • ==47.1
  • ==47.0

Matching in nixpkgs

pkgs.smartdns

Local DNS server to obtain the fastest website IP for the best Internet experience

  • nixos-unstable 46.1
    • nixpkgs-unstable 46.1
    • nixos-unstable-small 46.1
  • nixos-25.11 47
    • nixpkgs-25.11-darwin 47

Package maintainers