Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-27297
HistoryMar 11, 2024 - 12:00 a.m.

CVE-2024-27297

2024-03-1100:00:00
ubuntu.com
ubuntu.com
11
nix package manager
fixed-output derivations
unix domain sockets
unauthorized modification

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

AI Score

7.1

Confidence

High

EPSS

0

Percentile

15.5%

Nix is a package manager for Linux and other Unix systems. A fixed-output
derivations on Linux can send file descriptors to files in the Nix store to
another program running on the host (or another fixed-output derivation)
via Unix domain sockets in the abstract namespace. This allows to modify
the output of the derivation, after Nix has registered the path as “valid”
and immutable in the Nix database. In particular, this allows the output of
fixed-output derivations to be modified from their expected content. This
issue has been addressed in versions 2.3.18 2.18.2 2.19.4 and 2.20.5. Users
are advised to upgrade. There are no known workarounds for this
vulnerability.

Bugs

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

AI Score

7.1

Confidence

High

EPSS

0

Percentile

15.5%