CVE-2024-27297

Exploit

EPSS 0.06%
Veröffentlicht 11.03.2024 22:15:55
Zuletzt bearbeitet 27.06.2025 13:15:23
Quelle security-advisories@github.com
Teams Watchlist Login
Unerledigt Login

Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host (or another fixed-output derivation) via Unix domain sockets in the abstract namespace. This allows to modify the output of the derivation, after Nix has registered the path as "valid" and immutable in the Nix database. In particular, this allows the output of fixed-output derivations to be modified from their expected content. This issue has been addressed in versions 2.3.18 2.18.2 2.19.4 and 2.20.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nixos ≫ Nix Version < 2.3.18

Nixos ≫ Nix Version >= 2.4 < 2.18.2

Nixos ≫ Nix Version >= 2.19.0 < 2.19.4

Nixos ≫ Nix Version >= 2.20.0 < 2.20.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.169

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
security-advisories@github.com	6.3	2.1	4.2	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

https://github.com/NixOS/nix/commit/f8170ce9f119e5e6724eb81ff1b5a2d4c0024000

Patch

https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37

Vendor Advisory

https://hackmd.io/03UGerewRcy3db44JQoWvw

Exploit

https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/

https://nvd.nist.gov/vuln/detail/CVE-2024-27297

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27297

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27297

EUVD