Path traversal in nix - CVE-2024-45593

Published: September 10, 2024 / Updated: April 8, 2026


Vulnerability identifier: #VU125376
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-45593
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: nixos.org
Affected software: nix

Detailed vulnerability description

The vulnerability allows a remote user to write to arbitrary file system locations accessible to the Nix process.

The vulnerability exists due to improper restriction of file paths during NAR unpacking. A remote user can supply a specially crafted NAR that causes writes to arbitrary file system locations accessible to the Nix process.

When the Nix daemon is used, the file writes occur with root permissions. User interaction is required to unpack the crafted NAR.
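As an added example, not Nix's own code, this is the kind of entry-name and containment check a NAR-style unpacker has to enforce before it creates each entry under the destination directory. The rule that an entry name is a single plain path component (no '/', '.', '..' or NUL), and the helper names, are assumptions of this example.

```cpp
#include <filesystem>
#include <string>

namespace fs = std::filesystem;

// Reject any archive entry name that is not a plain, single path component.
// Assumption of this example: a NAR entry name only ever names one
// component relative to its parent directory, never a path.
bool isSafeEntryName(const std::string& name) {
    if (name.empty() || name == "." || name == "..") return false;
    if (name.find('/') != std::string::npos) return false;   // no nested paths
    if (name.find('\0') != std::string::npos) return false;  // no NUL truncation
    return true;
}

// Compute the on-disk target for `name` below `parent`, which must itself
// lie under the unpack `root`. Returns an empty path when the entry would be
// written outside `root`. The check is purely lexical, so it runs before
// anything is created on disk and cannot be influenced by existing files.
fs::path targetUnder(const fs::path& root, const fs::path& parent,
                     const std::string& name) {
    if (!isSafeEntryName(name)) return {};
    fs::path normRoot = root.lexically_normal();
    fs::path candidate = (parent / name).lexically_normal();
    // A contained path is expressible relative to root without a leading "..".
    fs::path rel = candidate.lexically_relative(normRoot);
    if (rel.empty() || *rel.begin() == fs::path("..")) return {};
    return candidate;
}
```

An unpacker that applies `targetUnder` to every directory, file and symlink entry before creating it never writes outside the chosen destination, regardless of what the archive claims its entries are called.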
How to mitigate CVE-2024-45593

Install the security update from the vendor's website.