Products
Nix package manager
- 2.23.1
- 2.22.2
- 2.21.3
- 2.20.7
- 2.19.5
- 2.18.4
Source
security-advisories@github.com
Tags
CVE-2024-38531 details
Published : June 28, 2024, 2:15 p.m.
Last Modified : June 28, 2024, 2:15 p.m.
Last Modified : June 28, 2024, 2:15 p.m.
Description
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4.
CVSS Score
| 1 | 2 | 3.6 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-278 | Insecure Preserved Inherited Permissions | A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
Base Score
3.6
Exploitability Score
1.0
Impact Score
2.5
Base Severity
LOW
Vector String : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
References
| URL | Source |
|---|---|
| https://github.com/NixOS/nix/pull/10501 | security-advisories@github.com |
| https://github.com/NixOS/nix/security/advisories/GHSA-q82p-44mg-mgh5 | security-advisories@github.com |
This website uses the NVD API, but is not approved or certified by it.