Описание
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.26.3+dfsg-1ubuntu2 |
| esm-apps/jammy | released | 2.6.0+dfsg-3ubuntu0.1~esm1 |
| esm-apps/noble | released | 2.18.1+dfsg-1ubuntu5+esm2 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | ignored | end of life, was needed |
| plucky | not-affected | 2.24.9+dfsg-2ubuntu2 |
Показывать по
3.6 Low
CVSS3
Связанные уязвимости
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4.
Nix is a package manager for Linux and other Unix systems that makes p ...
3.6 Low
CVSS3