{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-52992", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-06-27T15:18:30.716Z", "dateReserved": "2025-06-23T00:00:00.000Z", "datePublished": "2025-06-27T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Nix", "vendor": "NixOS", "versions": [{"lessThan": "2.24.15", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "2.26.4", "status": "affected", "version": "2.25.0", "versionType": "semver"}, {"lessThan": "2.28.4", "status": "affected", "version": "2.27.0", "versionType": "semver"}, {"lessThan": "2.29.1", "status": "affected", "version": "2.29.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-06-27T13:33:22.543Z"}, "references": [{"url": "https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017"}, {"url": "https://lix.systems/blog/2025-06-24-lix-cves/"}, {"url": "https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/"}, {"url": "https://labs.snyk.io"}, {"url": "https://security.snyk.io/vuln/?search=CVE-2025-52992"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2025-52992"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.24.15"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.25.0", "versionEndExcluding": "2.26.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.27.0", "versionEndExcluding": "2.28.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.29.0", "versionEndExcluding": "2.29.1"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-27T15:17:46.777042Z", "id": "CVE-2025-52992", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-27T15:18:30.716Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-52992", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-27T15:17:46.777042Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-27T15:18:22.925Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}}], "affected": [{"vendor": "NixOS", "product": "Nix", "versions": [{"status": "affected", "version": "0", "lessThan": "2.24.15", "versionType": "semver"}, {"status": "affected", "version": "2.25.0", "lessThan": "2.26.4", "versionType": "semver"}, {"status": "affected", "version": "2.27.0", "lessThan": "2.28.4", "versionType": "semver"}, {"status": "affected", "version": "2.29.0", "lessThan": "2.29.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017"}, {"url": "https://lix.systems/blog/2025-06-24-lix-cves/"}, {"url": "https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/"}, {"url": "https://labs.snyk.io"}, {"url": "https://security.snyk.io/vuln/?search=CVE-2025-52992"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2025-52992"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.24.15"}, {"criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.26.4", "versionStartIncluding": "2.25.0"}, {"criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.28.4", "versionStartIncluding": "2.27.0"}, {"criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.29.1", "versionStartIncluding": "2.29.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-06-27T13:33:22.543Z"}}}, "cveMetadata": {"cveId": "CVE-2025-52992", "state": "PUBLISHED", "dateUpdated": "2025-06-27T15:18:30.716Z", "dateReserved": "2025-06-23T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-06-27T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b."}, {"lang": "es", "value": "Los gestores de paquetes Nix, Lix y Guix no configuran correctamente los permisos cuando falla una compilaci\u00f3n derivada. Esto puede permitir que procesos arbitrarios modifiquen el contenido de un almac\u00e9n fuera del entorno de pruebas de compilaci\u00f3n. Esto afecta a Nix anteriores a 2.24.15, 2.26.4, 2.28.4 y 2.29.1; Lix anteriores a 2.91.2, 2.92.2 y 2.93.1; y Guix anteriores a 1.4.0-38.0e79d5b. "}], "id": "CVE-2025-52992", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2025-06-27T14:15:41.990", "references": [{"source": "cve@mitre.org", "url": "https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017"}, {"source": "cve@mitre.org", "url": "https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/"}, {"source": "cve@mitre.org", "url": "https://labs.snyk.io"}, {"source": "cve@mitre.org", "url": "https://lix.systems/blog/2025-06-24-lix-cves/"}, {"source": "cve@mitre.org", "url": "https://security-tracker.debian.org/tracker/CVE-2025-52992"}, {"source": "cve@mitre.org", "url": "https://security.snyk.io/vuln/?search=CVE-2025-52992"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{}

{}