Alerts This Week
Warning Icon 1 1,146
Alerts This Week
Warning Icon 1 1,146

Ubuntu 24.04 and 22.04 LTS: USN-7633-1 critical: Nix security flaws

ubuntu
Calendar Grey July 14, 2025
Dist Ubuntu Esm H88
The latest Ubuntu security update addresses crucial vulnerabilities in the Nix package manager, affecting LTS versions and enhancing system integrity and user privacy
Several security issues were fixed in Nix.

Summary

Several security issues were fixed in Nix.

Software Description:

- nix: Cross-platform package manager

Details:

Linus Heckemann discovered that Nix did not correctly handle certain

binaries. An attacker could possibly use this issue to execute

arbitrary code. (CVE-2024-38531)

Pierre-Etienne Meunier discovered that Nix did not correctly handle TLS

certificates. A remote attacker could possibly use this issue to leak

sensitive information. (CVE-2024-47174)

It was discovered that Nix did not correctly handle Unix sockets. An

attacker could possibly use this issue execute arbitrary code. This issue

only affected Ubuntu 24.04 LTS. (CVE-2024-27297)

It was discovered that Nix did not correctly handle unpacking Nix

archives (NARS). If a user or automated system were tricked into opening

a specially crafted file, an attacker could possibly use this issue to

cause a denial of service or execute arbitrary code. (CVE-2024-45593)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  nix-bin                         2.18.1+dfsg-1ubuntu5+esm2
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  nix-bin                         2.6.0+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7633-1

CVE-2024-27297, CVE-2024-38531, CVE-2024-45593, CVE-2024-47174

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7633-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here