SB20260408102 - Privilege Dropping / Lowering Errors in nix
Published: April 8, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Privilege Dropping / Lowering Errors (CVE-ID: CVE-2025-53819)
CWE-ID: CWE-271 - Privilege Dropping / Lowering Errors
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to execute builds with elevated privileges.
The vulnerability exists due to an error in the mechanism that drops privileges to the build user when executing builds on macOS. A local user can trigger a build that is then executed as root, so the build runs with elevated privileges.
On affected macOS systems, builds were executed as root instead of the intended build users.
Remediation
Install the update from the vendor's website.