Security Advisory

CVE-2025-59378

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-15 00:00:00

Last updated 2025-09-15 20:23:44

Assigner mitre

State PUBLISHED

Description

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it (even after the build has ended).

← Browse all CVEs View on cve.org ↗