THREATINT

CVE
PUBLISHED

CVE-2024-38531

Nix sandbox escape

Assigner: GitHub_M
Reserved: 2024-06-18
Published: 2024-06-28
Updated: 2024-07-08

Description

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in versions 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4.



LOW: 3.6 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L)

Problem types

CWE-278: Insecure Preserved Inherited Permissions

Product status

>= 2.23.0, < 2.23.1: affected
>= 2.22.0, < 2.22.2: affected
>= 2.21.0, < 2.21.3: affected
>= 2.20.0, < 2.20.7: affected
>= 2.19.0, < 2.19.5: affected
>= 2.18.0, < 2.18.4: affected

References

https://github.com/NixOS/nix/security/advisories/GHSA-q82p-44mg-mgh5

https://github.com/NixOS/nix/pull/10501

cve.org CVE-2024-38531

nvd.nist.gov CVE-2024-38531
