
THREATINT
PUBLISHED

CVE-2025-32438

Local privilege escalation in make-initrd-ng



Description

make-initrd-ng is a tool for copying binaries and their dependencies. It contains a local privilege escalation that affects all NixOS users: with systemd.shutdownRamfs.enable enabled (the default), a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 and 25.05 / unstable. As a workaround, set systemd.shutdownRamfs.enable = false;.

Reserved 2025-04-08 | Published 2025-04-15 | Updated 2025-04-15 | Assigner GitHub_M


HIGH: 8.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-378: Creation of Temporary File With Insecure Permissions

CWE-379: Creation of Temporary File in Directory with Insecure Permissions

Product status

< b17590193d8e5697000c23c66afcf11e1753734d
affected

< fbf76bf72b161b9f4ab97704a8258776d5f3ffba
affected

References

github.com/...ixpkgs/security/advisories/GHSA-m7pq-h9p4-8rr4

github.com/...ommit/b17590193d8e5697000c23c66afcf11e1753734d

github.com/...ommit/fbf76bf72b161b9f4ab97704a8258776d5f3ffba

cve.org (CVE-2025-32438)

nvd.nist.gov (CVE-2025-32438)
