Lucene search

Ubuntu.comUB:CVE-2024-38531

HistoryJun 28, 2024 - 12:00 a.m.

CVE-2024-38531

2024-06-2800:00:00

ubuntu.com

nix package manager

local user

hijack builds

setuid binary

permissions

unix

CVSS3

3.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

AI Score

6.9

Confidence

Low

JSON

Nix is a package manager for Linux and other Unix systems that makes
package management reliable and reproducible. A build process has access to
and can change the permissions of the build directory. After creating a
setuid binary in a globally accessible location, a malicious local user can
assume the permissions of a Nix daemon worker and hijack all future builds.
This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5
and 2.18.4.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchnix< anyUNKNOWN
ubuntu24.04noarchnix< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	nix	< any	UNKNOWN
ubuntu	24.04	noarch	nix	< any	UNKNOWN

References

github.com/NixOS/nix/pull/10501

github.com/NixOS/nix/security/advisories/GHSA-q82p-44mg-mgh5

launchpad.net/bugs/cve/CVE-2024-38531

nvd.nist.gov/vuln/detail/CVE-2024-38531

security-tracker.debian.org/tracker/CVE-2024-38531

www.cve.org/CVERecord?id=CVE-2024-38531

CVSS3

3.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

AI Score

6.9

Confidence

Low

JSON

Related for UB:CVE-2024-38531