GNU Guix Vulnerabilities Allow Remote Privilege Escalation via Malicious Binary Substitutes

GNU Guix has disclosed four serious security vulnerabilities affecting its package substitution and channel-management features. Three flaws in the guix substitute utility can enable remote privilege escalation, corruption of stored data, and local disclosure of files readable by the build daemon user. At the same time, a fourth issue affects guix pull and guix time-machine. […]

The post GNU Guix Vulnerabilities Allow Remote Privilege Escalation via Malicious Binary Substitutes appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: