Veracode Vulnerability Database: VERACODE:45951
Mar 20, 2024 - 4:46 p.m.

Improper Check For Unusual Or Exceptional Conditions

2024-03-20 16:46:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: nix, vulnerability, improper check, unix domain sockets, derivation, file descriptors

CVSS3: 6.3 Medium
Attack Vector: ADJACENT
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: LOW
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

AI Score: 6.7 Medium (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.5%)

Nix is vulnerable to an Improper Check for Unusual or Exceptional Conditions: a fixed-output derivation can send file descriptors to files in the Nix store to another program running on the host, or to another fixed-output derivation, through Unix domain sockets in the abstract namespace. This allows the output of the derivation to be modified after Nix has registered the path as “valid” and immutable in the Nix database, so the output of fixed-output derivations can be altered from their expected content.
