CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it (even after the build has ended).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.7 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
mitreCNA
5.7 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
guix
bullseye
vulnerable
bullseye (security)
vulnerable
sid
vulnerable
Common Weakness Enumeration
References
https://codeberg.org/guix/guix/commit/1618ca7aa2ee8b6519ee9fd0b965e15eca2bfe45
https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerability-2025-2/