CVE-2021-27851MEDIUMCVSS 5.5≥ v0.11.0-3298-g2608e40988, < unspecified·≥ unspecified, < v1.2.0-75109-g94f03125462021-04-26
CVE-2021-27851 [MEDIUM] CWE-264 CVE-2021-27851: A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with `guix build`, that makes its build directory world-writable. The user then creates a hardli
cvelistv5nvd