CVE-2025-46416: Nix/Lix/Guix Build Isolation Bypass and Privilege Escalation

Key Information Vulnerability Name CVE-2025-46416 Description The Nix, Lix, and Guix package managers allow bypassing build isolation, enabling users to escalate privileges to the build user account (e.g., nixbld or guixbuild). This affects Nix versions 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix versions 2.91.2, 2.92.2, and 2.93.1; and Guix versions prior to 1.4.0-38.0e79d5b. Affected Packages and Versions guix (PTS) - bullseye: 1.2.0-4+deb11u2 (vulnerable) - bullseye (security): 1.2.0-4+deb11u3 (vulnerable) - bookworm, bookworm (security): 1.4.0-3+deb12u2 (vulnerable) - trixie, sid: 1.4.0-9 (vulnerable) Fixed Version guix - Type: source - Release: (unstable) - Fixed Version: (unfixed) Related Links https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/ https://codeberg.org/guix/guix/pulls/788 https://codeberg.org/guix/guix/commit/7173c2c0cad8afc9d8d1ad26f345b5a04f47716a https://codeberg.org/guix/guix/commit/be8aca005118aa4485c02f991c51bea89034defa https://codeberg.org/guix/guix/commit/fb42611b8f27960304db5a1cd33b8371dcde2a8 https://codeberg.org/guix/guix/commit/c659f977bb09de6d5615e6aa9effdedcd19ff458 https://codeberg.org/guix/guix/commit/0e79d5b6550729e6ce3bac1e979638ac054ba5a5 https://codeberg.org/guix/guix/commit/30a5d140aa5a789a362749d057754783fea83dde

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-46416: Nix/Lix/Guix Build Isolation Bypass and Privilege Escalation