← back
CVE-2025-53819

Nix's privilege dropping to build user broke for macOS

CVSS 7.9 HIGHEPSS 0.1%CWE-271
Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
Affected products
NixOS · nix

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3https://github.com/NixOS/nix/pull/13281https://github.com/NixOS/nix/pull/13455https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg