!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

686 Members
Coordination and triage of security issues in nixpkgs215 Servers

Load older messages

SenderMessageTime
14 Oct 2025
@jassu:kumma.juttu.asiaJassukoBeing able to reduce the search space to a specific amount of bits for the private key is a way more information than you might expect. EC priv key is practically a number between 1 and N-1, where N is the order of the curve. For example with P-256 curve you can have a private key that has 253 effective bits in its representation. Knowing this would directly allow you to limit your search space for figuring out the private key to under 1/8 of the full key space. The practical implications as of now probably don't warrant any direct panic or actions, but building cryptography things is generally based on a strict set of design goals and delivering 100% of the promises given, so in that sense this is a timing side channel which can reveal few bits worth of information of the private key whenever an oracle exists that allows the repeated timing measurements. Well worth fixing and updating, even though there would not be need for a panic-mode actions at this point. Besides, all kinds of weakenings left unpatched tend to gather up, and then the day comes when your security gets broken because someone figured a way to use those things together in clever ways.14:57:17
@vcunat:matrix.orgvcunatI don't think that's what the post implied.14:59:02
@vcunat:matrix.orgvcunat(but it was short)14:59:13
@vcunat:matrix.orgvcunat* (but it was short and didn't go into details)14:59:20
@vcunat:matrix.orgvcunatReducing search space to 1/8th is unpleasant but not a security risk.14:59:56
@vcunat:matrix.orgvcunat* Either way, reducing search space to 1/8th is unpleasant but not a security risk.15:00:03
@vcunat:matrix.orgvcunatI can buy 8-times more powerful computer easily.15:00:23
@jassu:kumma.juttu.asiaJassukoThe test vectors in the git was a bunch of private keys that has different amounts of effective bits in them. I'd say this is probably the relevant context of the thing.15:00:39
@vcunat:matrix.orgvcunat Let's move this to #security-discuss:nixos.org though. 15:00:52
@phale:matrix.orgPhil Hale joined the room.16:26:17
@jtojnar:matrix.orgJan Tojnarhttps://github.com/NixOS/nixpkgs/pull/45121516:34:18
@pinpox:matrix.orgpinpox changed their display name from pinpox to reaktor.21:14:03
@pinpox:matrix.orgpinpox changed their display name from reaktor to pinpox.21:14:04
@jtojnar:matrix.orgJan Tojnarhttps://github.com/NixOS/nixpkgs/pull/452081 21:56:15
15 Oct 2025
@denkn:denkn.atDenKn changed their display name from 𝔇𝔢𝔫𝔎𝔫 to DenKn.08:15:57
@roberthensing:matrix.orgRobert Hensing (roberth) joined the room.21:07:54
@roberthensing:matrix.orgRobert Hensing (roberth)Just found a public security fix. Probably low impact. https://github.com/NixOS/nixpkgs/pull/45237621:08:29
@roberthensing:matrix.orgRobert Hensing (roberth) * Just found a public security fix for libgit2. Probably low impact. https://github.com/NixOS/nixpkgs/pull/452376 21:14:05
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2025/q4/4622:06:39
@hexa:lossy.networkhexa* https://seclists.org/oss-sec/2025/q4/46 samba22:22:04
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/452396 https://github.com/NixOS/nixpkgs/pull/45239722:43:19
16 Oct 2025
@hexa:lossy.networkhexa https://github.com/element-hq/matrix-authentication-service/security/advisories/GHSA-6wfp-jq3r-j9xh teutat3s 17:34:28
@teutat3s:pub.solarteutat3shttps://github.com/NixOS/nixpkgs/pull/452425#issuecomment-341201882317:56:30
@j-k:matrix.orgj-kBump + maintenance, resolves a moderate https://github.com/NixOS/nixpkgs/pull/452678 https://github.com/in-toto/go-witness/security/advisories/GHSA-72c7-4g63-hpw518:49:33
@spiralp:matrix.orgSpiralP left the room.18:54:23
@spiralp:matrix.orgSpiralP joined the room.18:55:06
18 Oct 2025
@kevincox:matrix.orgkevincox left the room.10:23:21
@joerg:thalheim.ioMic92https://github.com/NixOS/nixpkgs/pull/452376 libgit20:59:30
@grimmauld:grapevine.grimmauld.deGrimmauld (any/all)

binutils 2.45 has a few CVEs, though as we are still on 2.44 it is unclear whether we are affected (likely the answer is yes, but i didn't go look).
Patches seem to exist though, not sure whether they apply on 2.44 base though.

https://nvd.nist.gov/vuln/detail/CVE-2025-11412
https://nvd.nist.gov/vuln/detail/CVE-2025-11413
https://nvd.nist.gov/vuln/detail/CVE-2025-11414
https://nvd.nist.gov/vuln/detail/CVE-2025-11494
https://nvd.nist.gov/vuln/detail/CVE-2025-11495

cc John Ericson i guess

21:08:08
@grimmauld:grapevine.grimmauld.deGrimmauld (any/all) *

binutils 2.45 has a few CVEs, though as we are still on 2.44 it is unclear (to me) whether we are affected (likely the answer is yes, but i didn't go look).
Patches seem to exist though, not sure whether they apply on 2.44 base though.

https://nvd.nist.gov/vuln/detail/CVE-2025-11412
https://nvd.nist.gov/vuln/detail/CVE-2025-11413
https://nvd.nist.gov/vuln/detail/CVE-2025-11414
https://nvd.nist.gov/vuln/detail/CVE-2025-11494
https://nvd.nist.gov/vuln/detail/CVE-2025-11495

cc John Ericson i guess

21:08:19

Show newer messages

Back to Room ListRoom Version: 6