Packaged management vulnerability in Nix on macOS
CVE-2024-51481
What is CVE-2024-51481?
The Nix package manager for Linux and Unix systems contains a vulnerability affecting its functionality on macOS. Built-in builders such as builtin:fetchurl, when utilized in a non-sandboxed environment, allow unauthorized access to world-readable paths and write permissions to world-writable paths. This issue arises because the default sandboxing feature is not enabled on macOS. While the Nix sandbox primarily enhances reproducibility of builds and is not intended as a strict security measure, it can help contain the impact of potential security vulnerabilities by restricting system access during builds. Users should upgrade to the fixed versions listed to protect against this access risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.