Medium severity5.7NVD Advisory· Published Sep 15, 2025· Updated Apr 15, 2026
CVE-2025-59378
CVE-2025-59378
Description
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it (even after the build has ended).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1618ca7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.