#VU125376 Path traversal in nix - CVE-2024-45593
Published: September 10, 2024 / Updated: April 8, 2026


Vulnerability identifier: #VU125376
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-45593
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: nix
Software vendor: nixos.org

Description

The vulnerability allows a remote user to write to arbitrary file system locations accessible to the Nix process.

The vulnerability exists due to improper path restriction in NAR unpacking when processing a crafted NAR. A remote user can supply a specially crafted NAR to write to arbitrary file system locations accessible to the Nix process.

When the Nix daemon is used, the file writes occur with root permissions. User interaction is required to unpack the crafted NAR.
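The weakness class behind this advisory (CWE-22 in an archive unpacker) is mitigated by validating every entry name against the chosen extraction root before anything is written, and by refusing to write through a directory that an earlier entry created as a symlink. The following is an added illustration of that check, not Nix's own NAR code: it treats an archive as a constructed, ordered list of `(name, kind, target)` entries and the `safe_extract_path` / `check_entries` helpers, the `UnsafeArchivePath` exception and the sample entries are all assumptions made for this example. It uses pure path logic so it runs without touching the file system.

```python
import posixpath


class UnsafeArchivePath(ValueError):
    """Raised when an archive entry would land outside the extraction root."""


def safe_extract_path(root: str, entry_name: str) -> str:
    """Return the absolute destination for an archive entry, or raise.

    Rejects empty names, absolute names, NUL bytes and any '..' component,
    so a crafted entry cannot escape the directory the caller selected.
    The component check happens before normalisation because normpath
    would otherwise silently fold 'a/../../b' into something that looks
    harmless.
    """
    if not entry_name:
        raise UnsafeArchivePath("empty entry name")
    if entry_name.startswith("/") or "\x00" in entry_name:
        raise UnsafeArchivePath(f"absolute or NUL-containing name: {entry_name!r}")
    parts = [p for p in entry_name.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise UnsafeArchivePath(f"traversal component in name: {entry_name!r}")

    root = posixpath.normpath(root)
    dest = posixpath.normpath(posixpath.join(root, *parts))
    # Defence in depth: the joined path must still be strictly under root.
    if not dest.startswith(root.rstrip("/") + "/"):
        raise UnsafeArchivePath(f"escapes root: {entry_name!r}")
    return dest


def check_entries(root: str, entries):
    """Validate constructed archive entries in archive order.

    entries: iterable of (name, kind, target) where kind is one of
    'directory', 'regular' or 'symlink' and target is the link target
    for symlinks (None otherwise). Returns the list of (dest, kind) that
    may be written; raises UnsafeArchivePath on the first unsafe entry.

    Symlink targets themselves are allowed to point anywhere, but no
    later entry may be written *through* a symlink created earlier in
    the same archive, because the kernel would follow the link and the
    write would land wherever the link points.
    """
    root = posixpath.normpath(root)
    symlinks = set()  # root-relative paths that earlier entries made symlinks
    accepted = []
    for name, kind, target in entries:
        dest = safe_extract_path(root, name)
        rel = posixpath.relpath(dest, root)
        comps = rel.split("/")
        for i in range(1, len(comps)):
            prefix = "/".join(comps[:i])
            if prefix in symlinks:
                raise UnsafeArchivePath(
                    f"{name!r} would be written through symlink {prefix!r}"
                )
        if kind == "symlink":
            symlinks.add(rel)
        accepted.append((dest, kind))
    return accepted


# Constructed sample archives (not real NAR data) for a quick self-check.
GOOD_ENTRIES = [
    ("bin", "directory", None),
    ("bin/tool", "regular", None),
    ("share/doc", "symlink", "/usr/share/doc"),  # absolute target is fine
]

BAD_ENTRIES = [
    ("lib", "symlink", "/tmp"),
    ("lib/payload", "regular", None),  # would be written into /tmp
]


if __name__ == "__main__":
    root = "/nix/store/example-out"  # placeholder store path
    for dest, kind in check_entries(root, GOOD_ENTRIES):
        print("ok", kind, dest)
    try:
        check_entries(root, BAD_ENTRIES)
    except UnsafeArchivePath as err:
        print("rejected:", err)
```

The second check matters as much as the first: an unpacker can reject every `..` and still be exploitable if it extracts a symlink and then follows it while creating later entries, which is why the function tracks symlinks across the whole archive rather than validating each name in isolation.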


Remediation

Install security update from vendor's website.

External links